Lucene search
K

460 matches found

CVE
CVE
added 2003/09/12 4:0 a.m.106 views

CVE-2003-0715

CVE-2003-0715 describes a heap-based buffer overflow in the Windows RPCSS DCOM interface that can be triggered by a malformed DCERPC DCOM object activation request with modified length fields, enabling remote code execution. Affected: Windows NT 4.0 SPx, 2000, XP, and Server 2003 (DCOM RPC interf...

10CVSS7.7AI score0.37141EPSS
CVE
CVE
added 2005/06/15 4:0 a.m.105 views

CVE-2005-1206

CVE-2005-1206 describes a remote code execution vulnerability in Microsoft Windows SMB implementation. The SMB packet validation process contains a buffer-handling flaw that can allow an unauthenticated attacker to execute arbitrary code by sending specially crafted SMB packets. Affected products...

7.5CVSS7.8AI score0.70144EPSS
CVE
CVE
added 2006/06/13 7:0 p.m.105 views

CVE-2006-2370

CVE-2006-2370 describes a buffer/ memory corruption vulnerability in the Routing and Remote Access Service (RRAS) on Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1 and earlier. The flaw, triggered by certain crafted RPC-related requests to RRAS (RASMAN), allows remote attackers (authenticated ...

7.5CVSS9.7AI score0.72969EPSS
Web
CVE
CVE
added 2010/03/31 7:0 p.m.105 views

CVE-2010-0805

CVE-2010-0805 is an actively discussed vulnerability affecting the Internet Explorer Tabular Data Control ActiveX. The issue arises when a long DataURL parameter triggers a memory corruption inside CTDCCtl::SecurityCHeckDataURL, enabling remote code execution. Public material in connected docs co...

9.3CVSS7.5AI score0.80603EPSS
Web
CVE
CVE
added 2002/02/18 5:0 a.m.104 views

CVE-2002-0053

Technical details about CVE-2002-0053 are not publicly available in the provided connected documents. Monitor for updates.

7.5CVSS7.8AI score0.37913EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.103 views

CVE-2000-0673

The CVE-2000-0673 issue affects NetBIOS Name Server (NBNS) where the protocol lacks authentication, allowing remote attackers to cause a denial of service by sending spoofed Name Conflict or Name Release datagrams. Documented impact is DoS on affected hosts, e.g., NetBIOS name resolution disrupti...

5CVSS6.7AI score0.38209EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.102 views

CVE-2004-0117

The CVE-2004-0117 entry maps to a buffer-overflow in the Microsoft H.323 implementation that enables remote code execution. The connected MS04-0117 data clarifies that NetMeeting (and other H.323‑using components such as TAPI‑based H.323 apps, ICF, Routing and Remote Access) can be affected on Wi...

7.5CVSS7.8AI score0.26377EPSS
CVE
CVE
added 2008/07/08 11:0 p.m.102 views

CVE-2008-1454

Technical details about CVE-2008-1454 (affected product, vulnerable component, impact, patch) are not publicly provided in the connected documents. Monitor for updates.

9.4CVSS6.2AI score0.34072EPSS
CVE
CVE
added 2007/03/30 12:0 a.m.101 views

CVE-2007-1765

CVE-2007-1765 refers to a remote code execution/DoS vulnerability in Microsoft Windows (Windows 2000 SP4 through Vista) via a malformed ANI file that corrupts memory while processing cursors/animated cursors/icons in LoadAniIcon() of USER32.dll. Connected sources identify this as MS07-017 (RIFF/A...

9.3CVSS7.7AI score0.54326EPSS
CVE
CVE
added 2010/04/14 3:44 p.m.100 views

CVE-2010-0269

CVE-2010-0269 is a remote code execution vulnerability in the Microsoft SMB client. The issue arises from improper memory allocation when parsing specially crafted SMB responses, enabling an unauthenticated attacker to execute arbitrary code on a vulnerable system by sending a crafted SMB respons...

10CVSS7.5AI score0.28401EPSS
CVE
CVE
added 2007/07/10 10:0 p.m.99 views

CVE-2007-0040

CVE-2007-0040 affects Microsoft Windows Active Directory’s LDAP service (Windows 2000 Server SP4, Windows Server 2003 SP1/SP2, x64, Itanium variants). The issue is an LDAP request handling flaw related to the number of convertible attributes, enabling remote attackers to crash the service or exec...

10CVSS7.3AI score0.3917EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.98 views

CVE-2001-0241

CVE-2001-0241 affects the IIS 5.0 ISAPI Internet Printing Protocol extension (.printer) on Windows 2000. A buffer overflow in the Host: field of HTTP Printer requests allows remote code execution with the web server’s privileges. The provided documents describe an unchecked buffer in the ISAPI .p...

10CVSS6.8AI score0.87032EPSS
Web
CVE
CVE
added 2005/01/19 5:0 a.m.97 views

CVE-2004-1049

CVE-2004-1049 affects Microsoft Windows LoadImage API (cursor/icon handling). The vulnerability arises from an integer overflow when processing certain image resources (e.g., .ani, .ico, .cur, .bmp), which can lead to heap memory corruption and remote code execution if a user opens a crafted file...

5.1CVSS7.7AI score0.29743EPSS
Web
CVE
CVE
added 2006/07/11 9:0 p.m.97 views

CVE-2006-1314

CVE-2006-1314 is a heap-based buffer overflow in the Windows Server Service (SRV.SYS) that affects Windows 2000 SP4, XP SP1/SP2, and Server 2003 (up to SP1). The vulnerability allows remote code execution via crafted first-class Mailslot messages, triggering memory corruption and bypassing size r...

7.5CVSS7.8AI score0.64231EPSS
CVE
CVE
added 2002/08/24 4:0 a.m.96 views

CVE-2002-0724

CVE-2002-0724 (MS02-045) describes a remote DoS in Windows SMB where handling SMB_COM_TRANSACTION with NetShareEnum/NetServerEnum2/NetServerEnum3 can overflow the heap when Max Param/Data Count is 0. A crafted packet may crash the host (Blue Screen) and, per CERT/Core advisories, might enable fur...

7.5CVSS6.5AI score0.30132EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.95 views

CVE-1999-0504

CVE-1999-0504 describes a Windows NT local account with a default, null, blank, or missing password. Public references note exploitation paths via Windows SMB/PSEXEC‑style mechanisms and remote command execution tooling, with related Metasploit modules referencing the CVE when using an administra...

7.5CVSS6.2AI score0.63703EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.95 views

CVE-1999-0585

Technical details about CVE-1999-0585 are not publicly available in the provided connected documents. The materials only reiterate the default Administrator account name without product/version or impact specifics. Monitor for updates.

2.1CVSS7AI score0.02482EPSS
CVE
CVE
added 2010/02/04 8:0 p.m.95 views

CVE-2010-0555

CVE-2010-0555 affects Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8. The root cause is URLMON sniffing that allows rendering of non-HTML local files as HTML documents after a redirect, bypassing access restrictions and enabling read of arbitrary files. The description identifies this a...

9.3CVSS6.2AI score0.20949EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.94 views

CVE-2009-2514

CVE-2009-2514 is a Win32k.sys remote code execution vulnerability in the embedded OpenType (EOT) font parsing path. The kernel component on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2 parses EOT fonts and can be coerced by a crafted font to execute arbitrary code with kernel privileges. The...

9.3CVSS7.1AI score0.47489EPSS
CVE
CVE
added 2004/10/16 4:0 a.m.93 views

CVE-2004-0209

CVE-2004-0209 describes a buffer overflow in the Windows Graphics Rendering Engine during parsing of Windows Metafile (WMF) and Enhanced Metafile (EMF) formats, allowing remote code execution with the privileges of the logged-in user on affected Windows versions (Windows 2000, XP, and Server 2003...

10CVSS7.2AI score0.62054EPSS
Web
CVE
CVE
added 2009/12/09 6:0 p.m.93 views

CVE-2009-3677

CVE-2009-3677 describes an elevation-of-privilege bypass in the Internet Authentication Service (IAS) used by Microsoft Windows products. The issue arises because MS-CHAP v2 authentication requests sent over PEAP are not properly validated, allowing remote attackers to gain access to network reso...

10CVSS6.5AI score0.2182EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.92 views

CVE-2003-0906

CVE-2003-0906 is a buffer overrun in Windows WMF/EMF rendering that allows remote code execution via a malformed WMF/EMF image on Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1. Exploitation occurs when rendering or displaying the crafted metafile/image; Windows 2000/XP/NT systems ...

7.6CVSS7.9AI score0.25123EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.92 views

CVE-2008-4038

CVE-2008-4038 describes a remote code execution vulnerability in Microsoft Windows SMB file-name handling (SMB buffer underflow). The issue affects multiple Windows versions (including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista SP1, and Server 2008) and arises when a specially craft...

10CVSS7.3AI score0.3917EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.91 views

CVE-1999-0391

CVE-1999-0391 involves the reuse of the SMB authentication cryptographic challenge in Windows 95/Windows 98, enabling an attacker to replay the response and impersonate a user. Affected software is Windows 95 and Windows 98; the vulnerability lies in the SMB authentication verification (cryptogra...

7.5CVSS7.1AI score0.04891EPSS
CVE
CVE
added 2004/12/31 5:0 a.m.91 views

CVE-2004-0567

Summary: CVE-2004-0567 refers to a buffer/_name validation vulnerability in Windows WINS that can allow remote code execution or denial of service via specially crafted WINS packets. Affected products/versions (as stated): Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Ser...

7.5CVSS7.9AI score0.72286EPSS
CVE
CVE
added 2006/12/22 2:0 a.m.91 views

CVE-2006-6696

CVE-2006-6696 is a CSRSS vulnerability in Windows where improper handling of a MessageBox call with MB_SERVICE_NOTIFICATION can send a crafted HardError to CSRSS, enabling remote code execution. Public details indicate the issue affects multiple Windows versions (Windows 2000, XP, Server 2003, Vi...

6.9CVSS6.2AI score0.03284EPSS
CVE
CVE
added 2007/06/06 9:0 p.m.91 views

CVE-2007-3091

CVE-2007-3091 is the Internet Explorer cross-domain document switching race-condition vulnerability. The issue occurs in Internet Explorer (notably IE6 SP1 and IE7 on multiple Windows versions) where a page transition can inadvertently reveal or execute content across origins due to a race betwee...

7.1CVSS7.2AI score0.27748EPSS
CVE
CVE
added 2003/10/17 4:0 a.m.90 views

CVE-2003-0717

CVE-2003-0717 describes a buffer overflow in the Windows Messenger Service (NT through Server 2003). The root cause is improper validation of message length before writing to the allocated buffer, enabling remote code execution with the target’s privileges. Public sources (MS03-043) identify affe...

7.5CVSS7.9AI score0.63464EPSS
CVE
CVE
added 2004/07/14 4:0 a.m.90 views

CVE-2004-0212

CVE-2004-0212 describes a stack-based buffer overflow in the Windows Task Scheduler (mstask) that affects Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0. The vulnerability occurs in how Task Scheduler handles long parameters in .job files, allowing a remote or local attacker to ex...

10CVSS7.7AI score0.66952EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.90 views

CVE-2004-0571

CVE-2004-0571 describes a remote code execution vulnerability in the Word for Windows 6.0 Converter used by WordPad. A crafted Word 6.0 document could trigger an unchecked data length/buffer handling in the converter, enabling an attacker to execute arbitrary code on a vulnerable system when the ...

10CVSS7.6AI score0.30724EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.89 views

CVE-2002-0018

In Windows NT/Windows 2000, a domain trust relationship can be abused when a trusting domain accepts authorization data (SIDs) from a trusted domain without verifying that the trusted domain is authoritative for all SIDs. The root cause is failure to validate all SIDs in the authorization data su...

10CVSS6.7AI score0.1796EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.89 views

CVE-2002-1257

The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...

10CVSS7.4AI score0.15303EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.89 views

CVE-2003-0719

CVE-2003-0719 is a buffer overflow in the Microsoft SSL library’s Private Communications Transport (PCT) implementation. The vulnerability allows remote code execution via crafted PCT 1.0 handshake packets on affected Windows family systems (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003, NetMeet...

7.5CVSS7.8AI score0.83412EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.89 views

CVE-2003-0806

CVE-2003-0806 is a Winlogon buffer-overflow vulnerability in Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1 where a domain-joined user’s domain data is read during logon without proper bounds checking. The root cause is an unchecked size of a value used during logon that is inserte...

7.5CVSS7.9AI score0.32936EPSS
CVE
CVE
added 2012/03/28 7:0 p.m.89 views

CVE-2007-6753

CVE-2007-6753 describes an untrusted search path vulnerability in Shell32.dll affecting Windows 2000, XP, Vista, Server 2008, and 7. When an environment contains a string like %APPDATA% or %PROGRAMFILES% in a specific way, a Trojan horse DLL placed in the current working directory can be loaded, ...

6.2CVSS6.7AI score0.01818EPSS
CVE
CVE
added 2010/02/10 6:0 p.m.89 views

CVE-2010-0252

CVE-2010-0252 describes a remote code execution risk in the Microsoft Data Analyzer ActiveX control (max3activex.dll) used in Office/Excel components. A crafted web page can corrupt the system state and run arbitrary code with the caller’s privileges. Microsoft addressed this via MS10-034, which ...

9.3CVSS7.4AI score0.28762EPSS
CVE
CVE
added 2000/06/02 4:0 a.m.88 views

CVE-1999-0874

CVE-1999-0874 maps to a buffer overflow in IIS 4.0’s ISAPI processing of HTR/IDC/STM files (ISM.DLL). Public sources show a remote overflow that can cause denial of service and, in several references, the potential for remote code execution on affected Windows NT systems (MS02-018/Microsoft MS99-...

10CVSS6.9AI score0.78099EPSS
Web
CVE
CVE
added 2004/10/16 4:0 a.m.88 views

CVE-2004-0206

CVE-2004-0206 describes a stack/unchecked-buffer overflow in the Windows NetDDE service that allows remote code execution or local privilege elevation. Affected platforms include Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The root cause is a buffer overflow tri...

7.5CVSS7.5AI score0.77002EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.88 views

CVE-2004-0901

CVE-2004-0901 (Font Conversion Vulnerability) affects WordPad’s Word for Windows 6.0 Converter (MSWRD632.WPC) used by WordPad. A crafted Word/RTF/WRI/ DOC file can trigger a buffer/length-check flaw, leading to remote code execution when opened by WordPad. Public advisories (MS04-041) document tw...

10CVSS7.5AI score0.31053EPSS
CVE
CVE
added 2007/10/09 10:0 p.m.88 views

CVE-2007-2228

The CVE-2007-2228 entry describes a denial-of-service flaw in the RPC runtime library rpcrt4.dll on Windows platforms (XP SP2, XP x64, Server 2003 SP1/SP2, Server 2003 x64, Vista and Vista x64). The vulnerability occurs when parsing RPC authentication messages with NTLMSSP and PACKET level, where...

7.8CVSS6.4AI score0.43303EPSS
CVE
CVE
added 2009/04/15 3:49 a.m.88 views

CVE-2009-0089

CVE-2009-0089 describes a vulnerability in Windows HTTP Services (WinHTTP) where remote servers could impersonate HTTPS sites via DNS spoofing and forward a connection to a host with a valid certificate for a different domain. Affected: Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, and Vista...

5.8CVSS6.5AI score0.05071EPSS
CVE
CVE
added 2010/06/08 10:0 p.m.88 views

CVE-2010-0485

The CVE-2010-0485 issue affects Windows kernel-mode drivers in win32k.sys across multiple OS versions (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2, Windows 7, Server 2008 R2). The vulnerability stems from improper validation of callback parameters when creat...

7.8CVSS6.7AI score0.01228EPSS
CVE
CVE
added 2003/07/10 4:0 a.m.86 views

CVE-2003-0345

The CVE-2003-0345 issue affects Microsoft Windows SMB/CIFS implementations (Windows XP, 2000, NT). The root cause is a buffer overflow in the SMB packet handling where an incoming packet specifies a smaller buffer length than required, enabling a remote attacker to cause a denial of service and, ...

7.5CVSS8.1AI score0.34496EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.86 views

CVE-2003-0825

CVE-2003-0825 concerns the Windows Internet Naming Service (WINS) in Windows NT/2000/Server 2003 families, where malformed packets with improper lengths bypass WINS’ length validation. The result is a remote denial of service on Windows Server 2003 and, for older platforms, potential denial of se...

9.3CVSS7.2AI score0.12099EPSS
CVE
CVE
added 2004/07/14 4:0 a.m.86 views

CVE-2004-0201

The CVE-2004-0201 entry documents a heap-based buffer overflow in the HTML Help viewer hh.exe used by HTML Help (.chm) on Windows platforms (Windows 98, Me, NT 4.0, 2000, XP, and Server 2003). The vulnerability allows remote code execution via a .CHM file with a large length field, enabling an at...

10CVSS7.8AI score0.45137EPSS
CVE
CVE
added 2005/02/14 5:0 a.m.86 views

CVE-2005-0416

CVE-2005-0416 describes a stack-based buffer overflow in the Windows Animated Cursor (ANI) handling. The vulnerability affects Windows NT, Windows 2000 (SP4), Windows XP (SP1), and Windows 2003, where a crafted AnimationHeaderBlock length field can lead to remote code execution or memory corrupti...

7.5CVSS7.6AI score0.45486EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.86 views

CVE-2009-0555

CVE-2009-0555 is a Windows Media Runtime issue affecting the ASF handling in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and ACM. The flaw allows remote code execution via a crafted ASF audio file that uses the Windows Media Speech codec, as described in multiple sources (MS09-...

9.3CVSS7.2AI score0.27086EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.85 views

CVE-1999-0918

CVE-1999-0918 affects various Windows systems and is described as a denial of service caused by malformed, fragmented IGMP packets. The connected documents consistently state that sending malformed IGMP fragments can crash the remote host, resulting in an availability impact. The root cause is de...

7.8CVSS6.6AI score0.30471EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.85 views

CVE-2005-0045

CVE-2005-0045 is a remote code execution vulnerability in the SMB client/server implementation on Windows NT 4.0, 2000, XP and Server 2003. The issue stems from improper validation of SMB packets, enabling an attacker to execute arbitrary code by crafting SMB Transaction responses (notably Trans ...

7.5CVSS7.6AI score0.73094EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.83 views

CVE-2004-0118

CVE-2004-0118 : A local privilege-escalation vulnerability in the Virtual DOS Machine (VDM) subsystem on Windows NT 4.0 and Windows 2000. The issue arises from insufficient validation when referencing memory allocated to VDM, allowing a locally logged-on user to gain kernel/system access and exec...

7.2CVSS7.5AI score0.2224EPSS
Total number of security vulnerabilities460