460 matches found
CVE-2009-2530
CVE-2009-2530 corresponds to an Internet Explorer memory corruption vulnerability (Uninitialized Memory Corruption) that could allow remote code execution when a user views a specially crafted Web page. Connected documents show Microsoft’s MS09-054 cumulative security update for Internet Explorer...
CVE-2010-0489
The CVE-2010-0489 entry corresponds to a Race Condition Memory Corruption vulnerability in Microsoft Internet Explorer (affecting IE 5.01 SP4, 6, 6 SP1, and 7). The connected sources confirm a remote code execution scenario triggered by specially crafted HTML/Web content, with exploitation possib...
CVE-1999-0384
The CVE concerns the Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0). The issue arises because this control can read text from a user’s clipboard when a user accesses documents containing ActiveX content. Impact is limited to disclosure of clipboard data as described i...
CVE-2000-0305
CVE-2000-0305 describes a remote DoS in Windows 95/98/2000/NT4/Terminal Server caused by sending large numbers of identical fragmented IP packets (the jolt2/IP Fragment Reassembly issue). The vulnerability arises from IP fragment processing and has been associated with Microsoft hotfix MS00-029 (...
CVE-2001-0879
CVE-2001-0879 describes a format-string vulnerability in the C runtime functions used by Microsoft SQL Server 7.0 and 2000. The underlying issue is a format string handling flaw in the C runtime, which can allow an attacker to trigger a denial of service. The available connected documents confirm...
CVE-2002-1325
CVE-2002-1325 affects Microsoft Virtual Machine (VM) versions up to build 5.0.3805. A Java applet that accesses the user.dir system property can disclose the local user’s username to a remote attacker, via a crafted page or email. CERT notes the vulnerability could leak the user’s system path and...
CVE-2005-0063
The CVE-2005-0063 issue stems from Windows Shell/MSHTA handling of file associations. A remote code execution vulnerability exists when a user opens a specially crafted OLE2 document (e.g., Word) whose CLSID is manipulated to invoke HTML Application Host (MSHTA) to process the file. Exploitation ...
CVE-2005-1984
CVE-2005-1984 is a buffer overflow in the Microsoft Print Spooler (Spoolsv.exe) affecting Windows 2000, XP, and Windows Server 2003. The vulnerability allows remote code execution via a crafted Print Spooler Service packet or message. Microsoft/MS05-043 (KB896423) addresses the issue with an upda...
CVE-2009-0088
CVE-2009-0088 describes a remote code execution vulnerability in the WordPerfect 6.x Converter (WPFT632.CNV) used by Word 2000 SP3 and the Office Converter Pack. The issue arises when the converter fails to properly validate the length of an input string, enabling a crafted WordPerfect 6.x docume...
CVE-2009-2506
The CVE-2009-2506 issue is a memory corruption/heap overflow vulnerability in WordPad and Office text converters when parsing the DocumentSummaryInformation stream of a specially crafted Word 97 DOC file. A remote attacker could execute arbitrary code with the privileges of the logged-on user by ...
CVE-2010-4562
CVE-2010-4562 affects Microsoft Windows platforms when using IPv6. It allows remote attackers to infer if a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and observing an Echo Reply (as demonstrated by thcping). The entry notes a typographical collision: so...
CVE-2001-0341
CVE-2001-0341 describes a remote code execution vulnerability in the Microsoft FrontPage Server Extensions, specifically the fp30reg.dll component used by IIS FrontPage. The root cause is an unchecked stack-based buffer overflow triggered by a registration URL longer than the expected length, all...
CVE-2003-0824
Microsoft FrontPage Server Extensions (FPSE) 2000/2002 and SharePoint Team Services 2002 are affected by two vulnerabilities described in MS03-051. The first is a remote denial-of-service in the remote debugging function of FPSE (buffer overrun in the fp30reg.dll/remote debug path) that could tem...
CVE-2004-0202
CVE-2004-0202 concerns a denial-of-service vulnerability in the DirectPlay API, specifically the IDirectPlay4 interfaces of DirectPlay within Microsoft DirectX. The issue arises from insufficient input/packet validation of incoming network data, enabling a remote attacker to crash a DirectPlay-ba...
CVE-2004-0893
This CVE describes two privilege-elevation flaws in Windows components from 2004: (1) the Local Procedure Call (LPC) interface in the Windows kernel fails to validate message lengths, enabling a locally-authenticated attacker to gain full control; and (2) LSASS validates identity tokens improperl...
CVE-2004-2339
CVE-2004-2339 affects Microsoft Windows 2000, XP, and possibly 2003. The vulnerability allows local users with SeDebugPrivilege to execute arbitrary code at kernel level and read/write kernel memory via NtSystemDebugControl, with argument pointer verification not performed. The issue is local and...
CVE-2005-0044
CVE-2005-0044 is the Input Validation Vulnerability in the Windows OLE component that could allow remote code execution. The NVD/NVD-derived data unify that the issue affects Windows 98, 2000, XP, and Server 2003, as well as Exchange Server 5.0–2003, caused by improper validation of message lengt...
CVE-2005-0050
CVE-2005-0050 covers a remote code execution/DoS vulnerability in the Windows License Logging Service (LLS) affecting Windows NT Server, Windows 2000 Server, and Windows Server 2003. The root cause is an unchecked buffer due to improper validation of message lengths, enabling a specially crafted ...
CVE-2005-0550
CVE-2005-0550 describes a buffer overflow in Microsoft Windows Object Management handling that could be exploited locally to cause a denial of service (system crash). Affected products include Windows 2000, Windows XP (SP1 and SP2), and Windows Server 2003. The underlying issue is an unchecked bu...
CVE-2005-2118
Summary (CVE-2005-2118 / CVE-2005-2122) : Both vulnerabilities stem from how Windows Shell handles .lnk shortcut files, enabling remote code execution through crafted shortcuts or properties. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003. The issues differ in the...
CVE-2008-1084
CVE-2008-1084 affects the Windows kernel (Win32k). The issue is a local privilege escalation in the kernel’s win32k.sys, traced to improper input validation, with one affected function allegedly NtUserFnOUTSTRING. Impact is local code execution with HIGH severity (CVSS v2 base 7.2) on Windows 200...
CVE-2009-0228
CVE-2009-0228 describes a remote code execution vulnerability in Windows 2000 SP4’s Print Spooler service (win32spl.dll) via a malformed ShareName in responses to RPC requests handled by EnumeratePrintShares. The issue is a stack-based buffer overflow that could allow an attacker to execute arbit...
CVE-2009-0235
The CVE-2009-0235 entry covers a stack-based buffer overflow in WordPad’s Word 97 text converter used to open Word 97 files on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP1/SP2. The root cause is a mismatch between a 32-bit length value from the file and the lower 16 bits used during a copy, ...
CVE-2010-0236
The CVE-2010-0236 entry concerns a Windows kernel memory allocation vulnerability in which memory is not properly allocated for the destination key when extracting a symbolic‑link registry key. A local attacker could exploit this elevation‑of‑privilege flaw to execute code in kernel mode, potenti...
CVE-2010-0484
CVE-2010-0484 affects Windows kernel-mode drivers in win32k.sys. The vulnerability arises from improper validation/memory handling when processing Device Contexts (DC) via GetDCEx, enabling local users to execute arbitrary code in kernel mode (ring0) on affected Windows versions. Affected are Win...
CVE-2010-0494
CVE-2010-0494 is the HTML Element Cross-Domain Vulnerability in Internet Explorer (IE6/6 SP1/7/8) that allows information disclosure when a user drags one IE window across another. The issue affects IE’s handling of cross-domain scripting context and is addressed by Microsoft Security Bulletin MS...
CVE-1999-0721
CVE-1999-0721 describes a Denial of Service in Windows NT Local Security Authority (LSA) caused by a malformed LSA request. Affected component is LSA handling within Windows NT; exploitation could crash or disrupt LSA service, impacting system availability. The NVD entry lists a base score of 7.8...
CVE-2002-0693
The CVE-2002-0693 issue affects multiple Windows platforms (Windows 98, 98 SE, Millennium, NT 4.0 and Terminal Server, Windows 2000, Windows XP) through the HTML Help ActiveX control (hhctrl.ocx). The root cause is an unchecked/buffer overflow in the HTML Help facility ActiveX module that could b...
CVE-2003-0813
Technical details for CVE-2003-0813 are not publicly provided in the supplied documents; no concrete affected products/versions or fixes are listed. Monitor for updates.
CVE-2005-0803
CVE-2005-0803 is an EMF/WMF rendering vulnerability in Windows. The Enhanced Metafile rendering API in GDI32.DLL can crash or be exploited remotely when a specially crafted EMF/WMF file is processed, due to an unchecked buffer/invalid offsets (end, emreof, palent). Affects Windows 2000, Windows X...
CVE-2005-1208
CVE-2005-1208 describes a remote code execution vulnerability in Microsoft HTML Help (CHM/InfoTech Storage protocols like ms-its, ms-itss, its, mk:@MSITStore). The root cause is an integer overflow/heap-based buffer overflow when processing crafted CHM content with a large size field, exploitable...
CVE-2009-1547
CVE-2009-1547 concerns Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7. The issue is a remote code execution vulnerability triggered by a crafted data-stream header causing memory corruption in the browser. Technical details across connected docs show that this affects legacy IE versions an...
CVE-2009-2513
CVE-2009-2513 is the Win32k Insufficient Data Validation Vulnerability affecting the Windows kernel-mode GDI path (win32k.sys). The issue stems from improper validation of user-mode input in the GDI subsystem, allowing local users to execute arbitrary code in kernel mode and escalate privileges. ...
CVE-2002-1260
The CVE-2002-1260 vulnerability affects Microsoft Virtual Machine (VM) 5.0.3805 and earlier, where the JDBC APIs can be exploited by an untrusted Java applet to bypass security checks and access database contents. This is a remote, network‑vector issue that allows partial confidentiality/integrit...
CVE-2003-0659
CVE-2003-0659 describes a buffer-overflow in a function used by the Windows ListBox and ComboBox controls (User32.dll) that can be triggered by crafted Windows messages (LB_DIR/CB_DIR). This local, interactive vulnerability could allow an attacker who can log on to execute arbitrary code with the...
CVE-2004-0207
CVE-2004-0207 is a local privilege-elevation vulnerability in the Windows Window Management APIs (SetWindowLong/SetWindowLongPtr) that could let a logged-on user change properties of higher-privileged processes and gain full control of the system. Affected Windows platforms include Windows 98, NT...
CVE-2004-0568
HyperTerminal for Windows NT 4.0/2000/XP/Server 2003 contains a buffer overflow in session file handling due to improper validation of a value’s length. This allows a remote attacker to execute arbitrary code when a user opens a malicious HyperTerminal session file (.ht), or follows a web/Telnet ...
CVE-2004-1319
The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...
CVE-2005-1983
CVE-2005-1983 involves a stack-based buffer overflow in the Windows Plug and Play (PnP) service. Public details in connected sources describe a remote-code-execution vulnerability that can be triggered by a crafted PnP RPC packet, affecting Windows 2000 and Windows XP with SP1, and was notably ex...
CVE-2009-0093
MS09-008 fixes multiple DNS/WINS vulnerabilities in Windows servers that could allow remote attackers to spoof WPAD/ISATAP and hijack network traffic. The WPAD vulnerability (CVE-2009-0093) arises when dynamic updates are enabled and WPAD/ISATAP registrations are not restricted in DNS, enabling a...
CVE-2009-0232
CVE-2009-0232: A remote-code-execution vulnerability in the Embedded OpenType (EOT) Font Engine. An integer overflow occurs while parsing EOT name tables, affecting Windows 2000 SP4; XP SP2/SP3; Server 2003 SP2; Vista SP1/SP2; and Server 2008 Gold/SP2. An attacker could exploit this via a crafted...
CVE-2009-1126
CVE-2009-1126 corresponds to the Windows Desktop Parameter Edit Vulnerability. Affected products are Windows 2000 SP4, XP SP2/SP3, and Windows Server 2003 SP2. The kernel fails to properly validate user-mode input when editing a specific desktop parameter, enabling a local attacker to execute cod...
CVE-2009-2531
CVE-2009-2531 corresponds to an Uninitialized Memory Corruption vulnerability in Microsoft Internet Explorer (IE 6, 6 SP1, 7, and 8). The connected MSKB MS09-054 describes a cumulative security update that mitigates remote code execution by requiring users visit a malicious page; applying the MS0...
CVE-2010-0483
CVE-2010-0483 targets VBScript.dll in VBScript 5.1/5.6/5.7/5.8 on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. When Internet Explorer is used, referencing a crafted .hlp file via the MsgBox function’s helpfile argument (local, UNC, or WebDAV) can lead to code execution via winhlp32.exe if t...
CVE-2003-0010
The CVE-2003-0010 issue is a heap-based overflow in the Windows Script Engine (JsArrayFunctionHeapSort in JScript.dll) that can allow remote code execution via a malicious web page or HTML e-mail. Affected component is Windows Script Engine/JScript.dll; exploit arises from handling large array in...
CVE-2003-0807
CVE-2003-0807 : A denial-of-service vulnerability in Microsoft Windows where the COM Internet Services (CIS) and RPC over HTTP Proxy components can be overwhelmed by a crafted forwarded response, causing the backend to stop accepting requests. Related connected documents (MS04-012) identify this ...
CVE-2005-1218
CVE-2005-1218 describes a denial-of-service in the Microsoft Windows Remote Desktop Protocol (RDP) service affecting Windows 2000/XP/Server 2003. Root cause: an input-validation flaw in how RDP messages are processed, which could allow a remote attacker to crash the RDP service by sending a craft...
CVE-2008-3479
CVE-2008-3479 is a remote code execution vulnerability in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) on Windows 2000 SP4 . The issue stems from a heap-based overflow caused by improper processing/parsing of an RPC request to MSMQ, allowing an unauthenticated, network-based attacker ...
CVE-2009-1919
Microsoft Internet Explorer variants 5.01–8 on Windows 2000–Vista/Server 2003/2008 are affected by an Uninitialized Memory Corruption vulnerability in memory handling of deleted objects when processing HTML with embedded style sheets. The connected KB describes MS09-034 (Cumulative Security Updat...
CVE-1999-0153
CVE-1999-0153 corresponds to a Windows 95/NT vulnerability (WinNuke) where sending a NetBIOS OOB data packet to the affected host can cause a denial of service. The vulnerability is described across multiple sources (CVE records, Red Hat advisory, NVD/Nessus notes) as an out-of-band data DoS cond...