460 matches found
CVE-2003-0715
CVE-2003-0715 describes a heap-based buffer overflow in the Windows RPCSS DCOM interface that can be triggered by a malformed DCERPC DCOM object activation request with modified length fields, enabling remote code execution. Affected: Windows NT 4.0 SPx, 2000, XP, and Server 2003 (DCOM RPC interf...
CVE-2005-1206
CVE-2005-1206 describes a remote code execution vulnerability in Microsoft Windows SMB implementation. The SMB packet validation process contains a buffer-handling flaw that can allow an unauthenticated attacker to execute arbitrary code by sending specially crafted SMB packets. Affected products...
CVE-2006-2370
CVE-2006-2370 describes a buffer/ memory corruption vulnerability in the Routing and Remote Access Service (RRAS) on Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1 and earlier. The flaw, triggered by certain crafted RPC-related requests to RRAS (RASMAN), allows remote attackers (authenticated ...
CVE-2010-0805
CVE-2010-0805 is an actively discussed vulnerability affecting the Internet Explorer Tabular Data Control ActiveX. The issue arises when a long DataURL parameter triggers a memory corruption inside CTDCCtl::SecurityCHeckDataURL, enabling remote code execution. Public material in connected docs co...
CVE-2002-0053
Technical details about CVE-2002-0053 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2000-0673
The CVE-2000-0673 issue affects NetBIOS Name Server (NBNS) where the protocol lacks authentication, allowing remote attackers to cause a denial of service by sending spoofed Name Conflict or Name Release datagrams. Documented impact is DoS on affected hosts, e.g., NetBIOS name resolution disrupti...
CVE-2004-0117
The CVE-2004-0117 entry maps to a buffer-overflow in the Microsoft H.323 implementation that enables remote code execution. The connected MS04-0117 data clarifies that NetMeeting (and other H.323‑using components such as TAPI‑based H.323 apps, ICF, Routing and Remote Access) can be affected on Wi...
CVE-2008-1454
Technical details about CVE-2008-1454 (affected product, vulnerable component, impact, patch) are not publicly provided in the connected documents. Monitor for updates.
CVE-2007-1765
CVE-2007-1765 refers to a remote code execution/DoS vulnerability in Microsoft Windows (Windows 2000 SP4 through Vista) via a malformed ANI file that corrupts memory while processing cursors/animated cursors/icons in LoadAniIcon() of USER32.dll. Connected sources identify this as MS07-017 (RIFF/A...
CVE-2010-0269
CVE-2010-0269 is a remote code execution vulnerability in the Microsoft SMB client. The issue arises from improper memory allocation when parsing specially crafted SMB responses, enabling an unauthenticated attacker to execute arbitrary code on a vulnerable system by sending a crafted SMB respons...
CVE-2007-0040
CVE-2007-0040 affects Microsoft Windows Active Directory’s LDAP service (Windows 2000 Server SP4, Windows Server 2003 SP1/SP2, x64, Itanium variants). The issue is an LDAP request handling flaw related to the number of convertible attributes, enabling remote attackers to crash the service or exec...
CVE-2001-0241
CVE-2001-0241 affects the IIS 5.0 ISAPI Internet Printing Protocol extension (.printer) on Windows 2000. A buffer overflow in the Host: field of HTTP Printer requests allows remote code execution with the web server’s privileges. The provided documents describe an unchecked buffer in the ISAPI .p...
CVE-2004-1049
CVE-2004-1049 affects Microsoft Windows LoadImage API (cursor/icon handling). The vulnerability arises from an integer overflow when processing certain image resources (e.g., .ani, .ico, .cur, .bmp), which can lead to heap memory corruption and remote code execution if a user opens a crafted file...
CVE-2006-1314
CVE-2006-1314 is a heap-based buffer overflow in the Windows Server Service (SRV.SYS) that affects Windows 2000 SP4, XP SP1/SP2, and Server 2003 (up to SP1). The vulnerability allows remote code execution via crafted first-class Mailslot messages, triggering memory corruption and bypassing size r...
CVE-2002-0724
CVE-2002-0724 (MS02-045) describes a remote DoS in Windows SMB where handling SMB_COM_TRANSACTION with NetShareEnum/NetServerEnum2/NetServerEnum3 can overflow the heap when Max Param/Data Count is 0. A crafted packet may crash the host (Blue Screen) and, per CERT/Core advisories, might enable fur...
CVE-1999-0504
CVE-1999-0504 describes a Windows NT local account with a default, null, blank, or missing password. Public references note exploitation paths via Windows SMB/PSEXEC‑style mechanisms and remote command execution tooling, with related Metasploit modules referencing the CVE when using an administra...
CVE-1999-0585
Technical details about CVE-1999-0585 are not publicly available in the provided connected documents. The materials only reiterate the default Administrator account name without product/version or impact specifics. Monitor for updates.
CVE-2010-0555
CVE-2010-0555 affects Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8. The root cause is URLMON sniffing that allows rendering of non-HTML local files as HTML documents after a redirect, bypassing access restrictions and enabling read of arbitrary files. The description identifies this a...
CVE-2009-2514
CVE-2009-2514 is a Win32k.sys remote code execution vulnerability in the embedded OpenType (EOT) font parsing path. The kernel component on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2 parses EOT fonts and can be coerced by a crafted font to execute arbitrary code with kernel privileges. The...
CVE-2004-0209
CVE-2004-0209 describes a buffer overflow in the Windows Graphics Rendering Engine during parsing of Windows Metafile (WMF) and Enhanced Metafile (EMF) formats, allowing remote code execution with the privileges of the logged-in user on affected Windows versions (Windows 2000, XP, and Server 2003...
CVE-2009-3677
CVE-2009-3677 describes an elevation-of-privilege bypass in the Internet Authentication Service (IAS) used by Microsoft Windows products. The issue arises because MS-CHAP v2 authentication requests sent over PEAP are not properly validated, allowing remote attackers to gain access to network reso...
CVE-2003-0906
CVE-2003-0906 is a buffer overrun in Windows WMF/EMF rendering that allows remote code execution via a malformed WMF/EMF image on Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1. Exploitation occurs when rendering or displaying the crafted metafile/image; Windows 2000/XP/NT systems ...
CVE-2008-4038
CVE-2008-4038 describes a remote code execution vulnerability in Microsoft Windows SMB file-name handling (SMB buffer underflow). The issue affects multiple Windows versions (including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista SP1, and Server 2008) and arises when a specially craft...
CVE-1999-0391
CVE-1999-0391 involves the reuse of the SMB authentication cryptographic challenge in Windows 95/Windows 98, enabling an attacker to replay the response and impersonate a user. Affected software is Windows 95 and Windows 98; the vulnerability lies in the SMB authentication verification (cryptogra...
CVE-2004-0567
Summary: CVE-2004-0567 refers to a buffer/_name validation vulnerability in Windows WINS that can allow remote code execution or denial of service via specially crafted WINS packets. Affected products/versions (as stated): Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Ser...
CVE-2006-6696
CVE-2006-6696 is a CSRSS vulnerability in Windows where improper handling of a MessageBox call with MB_SERVICE_NOTIFICATION can send a crafted HardError to CSRSS, enabling remote code execution. Public details indicate the issue affects multiple Windows versions (Windows 2000, XP, Server 2003, Vi...
CVE-2007-3091
CVE-2007-3091 is the Internet Explorer cross-domain document switching race-condition vulnerability. The issue occurs in Internet Explorer (notably IE6 SP1 and IE7 on multiple Windows versions) where a page transition can inadvertently reveal or execute content across origins due to a race betwee...
CVE-2003-0717
CVE-2003-0717 describes a buffer overflow in the Windows Messenger Service (NT through Server 2003). The root cause is improper validation of message length before writing to the allocated buffer, enabling remote code execution with the target’s privileges. Public sources (MS03-043) identify affe...
CVE-2004-0212
CVE-2004-0212 describes a stack-based buffer overflow in the Windows Task Scheduler (mstask) that affects Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0. The vulnerability occurs in how Task Scheduler handles long parameters in .job files, allowing a remote or local attacker to ex...
CVE-2004-0571
CVE-2004-0571 describes a remote code execution vulnerability in the Word for Windows 6.0 Converter used by WordPad. A crafted Word 6.0 document could trigger an unchecked data length/buffer handling in the converter, enabling an attacker to execute arbitrary code on a vulnerable system when the ...
CVE-2002-0018
In Windows NT/Windows 2000, a domain trust relationship can be abused when a trusting domain accepts authorization data (SIDs) from a trusted domain without verifying that the trusted domain is authoritative for all SIDs. The root cause is failure to validate all SIDs in the authorization data su...
CVE-2002-1257
The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...
CVE-2003-0719
CVE-2003-0719 is a buffer overflow in the Microsoft SSL library’s Private Communications Transport (PCT) implementation. The vulnerability allows remote code execution via crafted PCT 1.0 handshake packets on affected Windows family systems (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003, NetMeet...
CVE-2003-0806
CVE-2003-0806 is a Winlogon buffer-overflow vulnerability in Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1 where a domain-joined user’s domain data is read during logon without proper bounds checking. The root cause is an unchecked size of a value used during logon that is inserte...
CVE-2007-6753
CVE-2007-6753 describes an untrusted search path vulnerability in Shell32.dll affecting Windows 2000, XP, Vista, Server 2008, and 7. When an environment contains a string like %APPDATA% or %PROGRAMFILES% in a specific way, a Trojan horse DLL placed in the current working directory can be loaded, ...
CVE-2010-0252
CVE-2010-0252 describes a remote code execution risk in the Microsoft Data Analyzer ActiveX control (max3activex.dll) used in Office/Excel components. A crafted web page can corrupt the system state and run arbitrary code with the caller’s privileges. Microsoft addressed this via MS10-034, which ...
CVE-1999-0874
CVE-1999-0874 maps to a buffer overflow in IIS 4.0’s ISAPI processing of HTR/IDC/STM files (ISM.DLL). Public sources show a remote overflow that can cause denial of service and, in several references, the potential for remote code execution on affected Windows NT systems (MS02-018/Microsoft MS99-...
CVE-2004-0206
CVE-2004-0206 describes a stack/unchecked-buffer overflow in the Windows NetDDE service that allows remote code execution or local privilege elevation. Affected platforms include Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The root cause is a buffer overflow tri...
CVE-2004-0901
CVE-2004-0901 (Font Conversion Vulnerability) affects WordPad’s Word for Windows 6.0 Converter (MSWRD632.WPC) used by WordPad. A crafted Word/RTF/WRI/ DOC file can trigger a buffer/length-check flaw, leading to remote code execution when opened by WordPad. Public advisories (MS04-041) document tw...
CVE-2007-2228
The CVE-2007-2228 entry describes a denial-of-service flaw in the RPC runtime library rpcrt4.dll on Windows platforms (XP SP2, XP x64, Server 2003 SP1/SP2, Server 2003 x64, Vista and Vista x64). The vulnerability occurs when parsing RPC authentication messages with NTLMSSP and PACKET level, where...
CVE-2009-0089
CVE-2009-0089 describes a vulnerability in Windows HTTP Services (WinHTTP) where remote servers could impersonate HTTPS sites via DNS spoofing and forward a connection to a host with a valid certificate for a different domain. Affected: Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, and Vista...
CVE-2010-0485
The CVE-2010-0485 issue affects Windows kernel-mode drivers in win32k.sys across multiple OS versions (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2, Windows 7, Server 2008 R2). The vulnerability stems from improper validation of callback parameters when creat...
CVE-2003-0345
The CVE-2003-0345 issue affects Microsoft Windows SMB/CIFS implementations (Windows XP, 2000, NT). The root cause is a buffer overflow in the SMB packet handling where an incoming packet specifies a smaller buffer length than required, enabling a remote attacker to cause a denial of service and, ...
CVE-2003-0825
CVE-2003-0825 concerns the Windows Internet Naming Service (WINS) in Windows NT/2000/Server 2003 families, where malformed packets with improper lengths bypass WINS’ length validation. The result is a remote denial of service on Windows Server 2003 and, for older platforms, potential denial of se...
CVE-2004-0201
The CVE-2004-0201 entry documents a heap-based buffer overflow in the HTML Help viewer hh.exe used by HTML Help (.chm) on Windows platforms (Windows 98, Me, NT 4.0, 2000, XP, and Server 2003). The vulnerability allows remote code execution via a .CHM file with a large length field, enabling an at...
CVE-2005-0416
CVE-2005-0416 describes a stack-based buffer overflow in the Windows Animated Cursor (ANI) handling. The vulnerability affects Windows NT, Windows 2000 (SP4), Windows XP (SP1), and Windows 2003, where a crafted AnimationHeaderBlock length field can lead to remote code execution or memory corrupti...
CVE-2009-0555
CVE-2009-0555 is a Windows Media Runtime issue affecting the ASF handling in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and ACM. The flaw allows remote code execution via a crafted ASF audio file that uses the Windows Media Speech codec, as described in multiple sources (MS09-...
CVE-1999-0918
CVE-1999-0918 affects various Windows systems and is described as a denial of service caused by malformed, fragmented IGMP packets. The connected documents consistently state that sending malformed IGMP fragments can crash the remote host, resulting in an availability impact. The root cause is de...
CVE-2005-0045
CVE-2005-0045 is a remote code execution vulnerability in the SMB client/server implementation on Windows NT 4.0, 2000, XP and Server 2003. The issue stems from improper validation of SMB packets, enabling an attacker to execute arbitrary code by crafting SMB Transaction responses (notably Trans ...
CVE-2004-0118
CVE-2004-0118 : A local privilege-escalation vulnerability in the Virtual DOS Machine (VDM) subsystem on Windows NT 4.0 and Windows 2000. The issue arises from insufficient validation when referencing memory allocated to VDM, allowing a locally logged-on user to gain kernel/system access and exec...