Lucene search
K

117 matches found

symantec
symantec
added 2009/11/10 12:0 a.m.23 views

Microsoft Windows Kernel GDI Data Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. This issue affects the Graphics Device Interface GDI. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result ...

8AI score
Exploits0References1Affected Software10
openvas
openvas
added 2009/09/02 12:0 a.m.22 views

Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability

This host is running Windows Server 2003 operating system and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmswin2k3dosvulnsep09.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability Authors: Antu Sanadi Copyrigh...

7.1CVSS6.6AI score0.1671EPSS
Exploits2References4
nvd
nvd
added 2009/08/31 4:30 p.m.33 views

CVE-2009-3020

win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service system crash by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets CSS rule in an HTML document, possibly related to the Embedded OpenType EOT Font Engin...

7.1CVSS8.3AI score0.1671EPSS
Exploits2References6
exploitdb
exploitdb
added 2009/08/11 12:0 a.m.41 views

Microsoft Windows Server 2003 - '.EOT' Blue Screen of Death Crash

MS Windows 2003 EOT File BSOD Crash Exploit author: webDEViL https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/9417.zip 2009-wwbsod.zip milw0rm.com 2009-08-11...

7.4AI score
Exploits0
symantec
symantec
added 2009/06/09 12:0 a.m.17 views

Microsoft Windows Argument Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

0.4AI score
Exploits0Affected Software9
symantec
symantec
added 2009/06/09 12:0 a.m.16 views

Microsoft Windows Print Spooler Local Information Disclosure Vulnerability

Description Microsoft Windows Messenger is prone to a local information-disclosure vulnerability that affects the Print Spooler service. Successfully exploiting this issue allows attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Messaging...

0.3AI score
Exploits0References1Affected Software12
openvas
openvas
added 2009/06/04 12:0 a.m.22 views

Microsoft Windows Server 2003 win32k.sys DoS Vulnerability

This host is running Windows Server 2003 operating system and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmswin2k3dosvuln.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Server 2003 win32k.sys DoS Vulnerability Authors: Nikita MR Copyright: Copyright c 20...

4.7CVSS6.6AI score0.013EPSS
Exploits1References1
seebug
seebug
added 2009/04/16 12:0 a.m.44 views

Microsoft Windows WMI服务隔离本地权限提升漏洞(MS09-012)

BUGTRAQ ID: 34442 CVECAN ID: CVE-2009-0078 Microsoft Windows是微软发布的非常流行的操作系统。 Windows管理规范(WMI)提供程序没有正确地隔离NetworkService或LocalService帐号下运行的进程,同一帐号下运行的两个独立进程可以完全访问对方的文件句柄、注册表项等资源。WMI提供程序主机进程在某些情况下会持有SYSTEM令牌,如果攻击者可以以...

7.2CVSS6.3AI score0.02744EPSS
Exploits1
symantec
symantec
added 2009/04/14 12:0 a.m.24 views

Microsoft WinHTTP Server Name Mismatch Certificate Validation Security Bypass Vulnerability

Description Microsoft Windows HTTP Services WinHTTP is prone to a security-bypass vulnerability because of an error in verifying website certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further...

6.9AI score
Exploits0Affected Software8
symantec
symantec
added 2009/03/10 12:0 a.m.22 views

Microsoft Windows Kernel Handle Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected...

0.1AI score
Exploits0Affected Software11
prion
prion
added 2009/01/14 10:30 p.m.23 views

Remote code execution

Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Cod...

10CVSS8.7AI score0.45756EPSS
Exploits1References8
seebug
seebug
added 2008/12/11 12:0 a.m.32 views

Microsoft写字板文件转换器远程代码执行漏洞

BUGTRAQ ID: 32718 CVECAN ID: CVE-2008-4841 写字板是Windows操作系统中附件所提供的简单文本编辑工具。 对于没有安装Word的用户,可以使用写字板的文本转换器来打开.doc格式文档。如果用户使用转换器打开了特制的.doc、.wri或.rtf格式文档的话,就可能触发内存破坏,导致执行任意代码。目前这个漏洞正在被积极的利用。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 200...

9.3CVSS6.3AI score0.4303EPSS
Exploits6
symantec
symantec
added 2008/08/12 12:0 a.m.14 views

Microsoft Windows Event System Array Index Verification Remote Code Execution Vulnerability

Description Microsoft Windows Event System is prone to a remote code-execution vulnerability. Remote authenticated attackers can exploit this issue to execute arbitrary code with SYSTEM privileges. A successful attack can result in a full compromise of the affected computer. Technologies Affected...

0.4AI score
Exploits0References1Affected Software9
symantec
symantec
added 2008/06/17 12:0 a.m.25 views

Microsoft Word Bulleted List Handling Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker could exploit this issue by enticing a victim to open and interact with malicious Word files. Successfully exploiting this issue will corrupt memory and crash the application. Given the nature of this...

7.9AI score
Exploits0References3Affected Software5
seebug
seebug
added 2008/06/14 12:0 a.m.42 views

Microsoft Windows WINS服务本地权限提升漏洞(MS08-034)

BUGTRAQ ID: 29588 CVECAN ID: CVE-2008-1451 Microsoft Windows是微软发布的非常流行的操作系统。 Windows中的WINS服务没有充分验证特制WINS网络报文内的数据结构,可能允许本地攻击者使用提升的权限运行代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。随后,攻击者可以安装程序;查看、更改或删除数据;或者创建新帐户。 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows 2000SP4 Microsoft...

7.2CVSS6.4AI score0.04142EPSS
Exploits3
seebug
seebug
added 2007/12/13 12:0 a.m.15 views

Microsoft Internet Explorer cloneNode()和nodeValue()远程内存破坏漏洞

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理"cloneNode"和"nodeValue"函数存在内存破坏问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 由于不正确使用"cloneNode"和"nodeValue" JavaScript函数,在重复的调用其中某个函数过程中使用特定构建的元素,可导致内存破坏,可能以应用程序进程权限执行任意指令。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 -...

7AI score
Exploits0
seebug
seebug
added 2007/08/17 12:0 a.m.35 views

Microsoft XML Core Services SubstringData堆溢出漏洞(MS07-042)

BUGTRAQ ID: 25301 CVECAN ID: CVE-2007-2223 Microsoft Windows是微软发布的非常流行的操作系统。 Windows XML Core程序库在处理畸形畸形的调用时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 XML Core Services(也被称为MSXML)是Windows操作系统中所安装的用于处理XML文件的函数库。在使用该函数库时没有对XMLDOM对象substringData方式的长度参数执行正确的检查,如果提供了超长的长度值的话,就可能将数据拷贝到不充分的缓冲区,触发堆溢出,导致执行任意指令。 Microso...

9.3CVSS6.8AI score0.48722EPSS
Exploits1
prion
prion
added 2007/06/04 5:30 p.m.16 views

Code injection

Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account...

1.8CVSS6.9AI score0.01641EPSS
Exploits0References4Affected Software1
seebug
seebug
added 2007/04/17 12:0 a.m.40 views

Microsoft Windows CSRSS MSGBox远程代码执行漏洞

Microsoft Windows是一款商业性质的操作系统。 Microsoft Windows客户端/服务端实时子系统处理存在问题,远程攻击者可以利用漏洞以系统进程权限执行任意指令。 由于CSRSS服务处理错误消息存在问题,攻击者通过构建特殊的应用程序来触发此漏洞,可导致以系统进程权限执行任意指令。目前没有详细漏洞细节提供。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microso...

7AI score
Exploits0
symantec
symantec
added 2007/02/13 12:0 a.m.15 views

Microsoft MFC Embedded OLE Object Remote Code Execution Vulnerability

Description The Microsoft MFC component for Microsoft Windows and Microsoft Visual Studio .NET is prone to a remote code-execution vulnerability. This issue occurs when the application using the component attempts to parse malformed Rich Text Files RTF. An attacker could exploit this issue by...

8AI score
Exploits0References3Affected Software5
Rows per page
Query Builder