24 matches found
CVE-2003-0001
The CVE-2003-0001 issue, known as Etherleak, is an information-disclosure vulnerability caused by NIC/device drivers not padding Ethernet frames with null bytes, allowing an adjacent attacker to glimpse memory content from previously transmitted packets. Connected documents show this vulnerabilit...
CVE-2002-1561
The CVE-2002-1561 issue affects the Windows RPC service stack (RPC Endpoint Mapper) on Windows 2000, NT 4.0, and XP. A malformed packet to TCP 135 can trigger a NULL pointer dereference in the RPC Endpoint Mapper, causing the RPC service to terminate and resulting in a denial of service for RPC-b...
CVE-2003-0109
CVE-2003-0109 is a remote code execution flaw caused by a buffer overflow in the Windows NTDLL.DLL when processing a WebDAV request to IIS 5.0. The vulnerability affects Windows NT 4.0/Terminal Server, Windows 2000, and Windows XP, with confirmed exploit examples and public PoCs (e.g., MS03-007) ...
CVE-2002-1257
The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...
CVE-2002-0863
The CVE-2002-0863 issue concerns Microsoft RDP (Remote Desktop Protocol) 5.0 on Windows 2000 and 5.1 on Windows XP, where checksums of plaintext session data are not encrypted. This could allow a remote attacker to sniff encrypted sessions and potentially recover plaintext contents (information d...
CVE-2003-0003
CVE-2003-0003 describes a locally/remotely exploitable buffer overflow in the Microsoft Locator service (RPC Locator) that allows arbitrary code execution when processing overly large RPC requests. Affected products include Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and...
CVE-2002-0864
CVE-2002-0864 corresponds to a Microsoft RDP flaw affecting Windows XP (RDP 5.1) where a Remote Desktop PDU Confirm Active packet that omits the Pattern BLT can cause a denial of service (crash). OpenVAS entries also describe an information-disclosure risk from RDP 5.0/5.1 due to unencrypted chec...
CVE-2002-1325
CVE-2002-1325 affects Microsoft Virtual Machine (VM) versions up to build 5.0.3805. A Java applet that accesses the user.dir system property can disclose the local user’s username to a remote attacker, via a crafted page or email. CERT notes the vulnerability could leak the user’s system path and...
CVE-2002-0693
The CVE-2002-0693 issue affects multiple Windows platforms (Windows 98, 98 SE, Millennium, NT 4.0 and Terminal Server, Windows 2000, Windows XP) through the HTML Help ActiveX control (hhctrl.ocx). The root cause is an unchecked buffer (buffer overflow) in the HTML Help facility ActiveX module that could b...
CVE-2002-1260
The CVE-2002-1260 vulnerability affects Microsoft Virtual Machine (VM) 5.0.3805 and earlier, where the JDBC APIs can be exploited by an untrusted Java applet to bypass security checks and access database contents. This is a remote, network-vector issue that allows partial confidentiality/integrit...
CVE-2003-0010
The CVE-2003-0010 issue is a heap-based overflow in the Windows Script Engine (JsArrayFunctionHeapSort in JScript.dll) that can allow remote code execution via a malicious web page or HTML e-mail. The affected component is Windows Script Engine/JScript.dll; the exploit arises from handling large array in...
CVE-2003-0496
CVE-2003-0496: Affected software is Microsoft SQL Server on Windows 2000 prior to SP4. By passing a named pipe as an argument to xp_fileexist, a local attacker can impersonate the SQL Server service account due to CreateFile/Named Pipe behavior. Impact is local privilege escalation to the SQL Ser...
CVE-2002-1258
CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...
CVE-2002-0694
The CVE-2002-0694 issue is tied to an unchecked buffer in Windows Help (Q323255) that affected Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP. Root cause: a vulnerability in the HTML Help facility could allow a remote attack...
CVE-2002-1256
CVE-2002-1256 describes a flaw in SMB signing in Windows 2000/XP that lets an attacker disable SMB signing in a session and inject unsigned data, potentially modifying group policy information sent from a domain controller. Affected products are Microsoft Windows 2000 and Windows XP; the root cau...
CVE-2003-0112
CVE-2003-0112 corresponds to a local privilege-escalation in the Windows kernel. Technical details from connected docs show a buffer/stack overflow in ntoskrnl.exe related to debugging message handling (LpcRequestWaitReplyPort), enabling a local attacker to execute code with kernel privileges. Af...
CVE-2002-1214
CVE-2002-1214 describes a buffer overflow in Microsoft PPTP Service affecting Windows XP and Windows 2000 (and Terminal Services) that can be triggered by a PPTP control data packet with malformed data. The vulnerability can lead to a denial of service and, in some cases, may allow the attacker t...
CVE-2002-1230
CVE-2002-1230 affects Windows NT 4.0/Terminal Server Edition, Windows 2000, and Windows XP through a WM_TIMER handling flaw in the NetDDE Agent. An untrusted WM_TIMER sequence (after WM_COPYDATA) could trigger arbitrary code execution with LocalSystem privileges, as described in MS02-071. The vul...
CVE-2005-1214
CVE-2005-1214 involves a spoofing flaw in Microsoft Agent that could allow remote attackers to impersonate trusted Internet content and potentially execute arbitrary code when a user visits a malicious Web page. Connected docs confirm the vulnerability (CAN-2005-1214) exists in Microsoft Agent an...
CVE-2005-1212
CVE-2005-1212 is a buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe). A crafted bookmark link file with a long User field in extensions .cbo/.cbl/.cbm allows remote code execution, running with the caller’s privileges. The issue affects Step-by-Step Interactive Training ...
CVE-2003-0111
The CVE-2003-0111 issue affects the ByteCode Verifier component of Microsoft Virtual Machine (VM) used in Windows/Internet Explorer, specifically build 5.0.3809 and earlier. The underlying flaw is that the VM bytecode verifier fails to properly check certain Java applets, allowing remote attacker...
CVE-2002-0720
Windows 2000 Network Connection Manager (NCM) contains a handler routine that, if configured insecurely, can run under LocalSystem and execute attacker-supplied code. A local user can leverage this to gain full system privileges, per multiple sources (e.g., OpenVAS/Nessus descriptions). Affected ...
CVE-2002-0444
Technical details about CVE-2002-0444 are not provided in the supplied documents. The description notes that Windows 2000 Terminal Server SYSVOL policy application can fail when connections exceed a maximum; monitor for official updates.
CVE-2002-1933
The CVE-2002-1933 issue affects Microsoft Windows 2000 Terminal Services: the terminal services screensaver does not automatically lock the terminal window when the window is minimized, potentially allowing local users to gain access to the terminal server window. The connected documents confirm ...