404 matches found
CVE-2013-5065
NDProxy.sys in the Windows kernel is affected by a local privilege escalation flaw (CVE-2013-5065) caused by improper input validation in the NDPROXY driver. A crafted IOCTL path allows a local attacker to exploit a NULL pointer dereference to escalate privileges on affected systems. Public explo...
CVE-2015-1701
CVE-2015-1701 is a Win32k.sys kernel-mode privilege-escalation flaw affecting Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2. The issue stems from improper handling within win32k, notably around the ClientCopyImage/SetWindowLongPtr path, enabling a crafted user-mode input to execute code...
CVE-2009-2524
CVE-2009-2524 refers to an Integer Overflow in LSASS during NTLM authentication in multiple Windows versions. A malformed NTLM packet can cause LSASS to crash and reboot the host, i.e., a denial-of-service condition. Affected software includes Windows XP SP2/SP3, Windows Server 2003 SP2, Windows ...
CVE-2011-0657
CVE-2011-0657 affects the DNSAPI.dll DNS client in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7 SP1). Root cause: improper processing of DNS queries by the DNS client, enabling remote attackers to run arbitrary code via (1) a crafted L...
CVE-2003-0352
CVE-2003-0352 describes a buffer overflow vulnerability in the DCOM RPC interface (RPCSS) of Windows NT 4.0 SP3-6a, Windows 2000, XP, and Server 2003. The issue is a stack/heap buffer overflow triggered by a malformed DCERPC DCOM object activation request with modified length fields, allowing rem...
CVE-2003-0533
The CVE-2003-0533 issue is a stack-based buffer overflow in LSASS (LSASRV.DLL) affecting multiple Windows platforms (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003) and related products. The underlying flaw is in the DsRolerUpgradeDownlevelServer function invoked via DCERPC, which can cause an o...
CVE-2010-0480
CVE-2010-0480 is a remote code execution vulnerability in Microsoft MPEG Layer-3 codecs. The issue arises from multiple stack-based buffer overflows in the MPEG Layer-3 audio decoders (l3codecx.ax and related ACM codecs) when processing crafted AVI files, affecting Windows 2000 SP4, XP SP2/SP3, S...
CVE-2009-2493
CVE-2009-2493: Microsoft’s ATL vulnerability enables remote code execution when a user loads a specially crafted component/control hosted on a malicious page. The issue is described in MS09-037 (ATL vulnerabilities) and is addressed by Microsoft security bulletin updates; affected products inclu...
CVE-2006-3439
CVE-2006-3439 is a buffer overflow in the Server Service (SRVSVC) RPC interface that can be triggered by malformed parameters to SRVSVC API functions, enabling remote code execution on affected Windows versions. Public context from connected docs shows exploits and disclosures tied to MS06-040, a...
CVE-2010-0476
CVE-2010-0476 is a remote code-execution vulnerability in the Microsoft SMB client. The issue occurs when the SMB client implementation on Windows platforms (including Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 SP2) improperly parses or handles certain crafted SMB res...
CVE-2009-2528
CVE-2009-2528 is a memory corruption vulnerability in GDI+ used by Microsoft Office XP/2000 when parsing Office Art Property Tables. A crafted Office document can trigger remote code execution. Microsoft Security Bulletin MS09-062 (KB957488) provides patches; apply the MS09-062 updates to remedia...
CVE-2011-2003
CVE-2011-2003: A buffer overflow in win32k.sys used by kernel-mode drivers across multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 RTM/SP1) can be triggered by a crafted .fon file. The vulnerability arises from an input validation error when the ke...
CVE-2009-2500
This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...
CVE-2010-0231
CVE-2010-0231 involves the SMB server’s NTLM authentication on Windows 2000/XP/2003/Vista/Server 2008/7 where insufficient entropy in server-generated challenges (duplicate NTLM nonces) allows remote attackers to access files and SMB resources after many authentication requests. Root cause: weak ...
CVE-2012-0175
CVE-2012-0175 corresponds to a Windows Shell remote code execution vulnerability caused by how Windows handles specially crafted file or directory names. The issue affects multiple Windows editions, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/...
CVE-2004-0200
CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...
CVE-2010-0020
CVE-2010-0020 concerns a flaw in the SMB server implementation of Windows: the Server service fails to validate request fields, enabling a remote authenticated user to execute arbitrary code via a malformed SMB request. Affected platforms include Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vis...
CVE-2009-3126
CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...
CVE-2015-0005
CVE-2015-0005 (NETLOGON Spoofing Vulnerability) affects Windows servers acting as domain controllers: the NETLOGON service on Windows Server 2003 SP2, 2008 SP2 and R2 SP1, and Windows Server 2012 Gold/R2, when configured as a Domain Controller, can be abused by remote attackers to spoof the computer na...
CVE-2015-2370
CVE-2015-2370 involves an elevation-of-privilege flaw in Windows RPC/DCOM: the DCE/RPC reflection enables a local attacker to gain privileges via a crafted OBJREF, allowing a local user to trigger RPC auth relaying. Affected products span Windows Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2...
CVE-2006-7210
The CVE-2006-7210 entry relates to Microsoft Windows 2000, XP, and Server 2003 where remote attackers can trigger a DoS (CPU consumption) by viewing a crafted PNG image that abuses the IHDR block (specifics: crafted Width and Height values). The vulnerability affects the PNG image handling path i...
CVE-2009-1930
The CVE-2009-1930 entry describes a Telnet Credential Reflection vulnerability in the Windows Telnet service. A remote attacker could trigger arbitrary code execution by replaying NTLM credentials from a client to the Telnet server. Affected products include Windows 2000 (SP4), XP (SP2/SP3), Server 2...
CVE-2010-2550
CVE-2010-2550 affects the SMB Server in multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, Windows 7). The root cause is improper validation of fields in an SMB request, allowing remote code execution via a crafted SMB packet (aka “SMB Pool Overflow Vulnera...
CVE-2006-0010
CVE-2006-0010 describes a heap-based buffer overflow in T2EMBED.DLL on Windows platforms (Windows 98/ME, Windows 2000 SP4, Windows XP SP1/SP2, Windows Server 2003 up to SP1). The overflow is triggered while Windows decompresses Embedded Open Type (EOT) fonts referenced by web pages or email, allo...
CVE-2010-3956
CVE-2010-3956 concerns the OpenType Font (OTF) driver in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The vulnerability arises from an error in indexing an array when parsing OpenType fonts, enabling a local privilege escalation....
CVE-2005-0356
CVE-2005-0356 affects F5 BIG-IP LTM 9.0.0–9.0.5; other listed BIG-IP lines are not affected (e.g., 9.1.x, 9.2.x, 9.3.x, 9.4.x, 9.6.x). The issue is described as inadequate validation for TCP segments with PAWS/timestamps, enabling a remote attacker to cause a denial of ser...
CVE-2004-0790
CVE-2004-0790 describes a denial-of-service condition caused by spoofed ICMP error messages that disrupt TCP connections. In published connected materials, the vulnerability is tied to BIG-IP products, notably FastL4 accelerated virtual servers on ePVA-equipped platforms (e.g., VIPRION blades and...
CVE-2009-2507
CVE-2009-2507 describes remote code execution via an ActiveX control in the Microsoft Windows Indexing Service. The vulnerability arises because the Indexing Service ActiveX component does not properly handle specially crafted URLs, enabling a remote attacker to load/execute arbitrary code on a...
CVE-2009-2501
CVE-2009-2501 describes a heap-based buffer overflow in Microsoft GDI+ when processing PNG images, enabling remote code execution via crafted PNGs. Affected software/contexts include Internet Explorer 6 SP1 on Windows XP (SP2/SP3) and various Microsoft Office components and viewers that rely on G...
CVE-2010-0022
CVE-2010-0022 is part of the SMB server NTLM vulnerabilities addressed by Microsoft MS10-012. The XP/2000/2003/Vista/2008/7 SMB server implementation fails to properly validate shared/servername fields in SMB packets, allowing remote attackers to cause a denial of service (system hang) via a craf...
CVE-2010-0021
CVE-2010-0021 is part of the MS10-012 set of SMB server vulnerabilities affecting Windows Vista/Windows Server 2008/Windows 7 and related Server roles. The issue arises from race conditions in the SMB Server service during Negotiate handling (SMBv1/v2), allowing remote attackers to trigger a deni...
CVE-2011-1249
CVE-2011-1249 concerns the Ancillary Function Driver (afd.sys) in Windows, where local input validation flaws allow privilege escalation. Affected OSes include Windows XP SP2/SP3, Server 2003 SP2, Windows Vista SP1/SP2, Server 2008 (Gold/SP2/R2), and Windows 7 (Gold/SP1). The vulnerability stems ...
CVE-2003-0661
The CVE-2003-0661 entry concerns the NetBIOS NBNS information disclosure vulnerability in Windows NT 4.0, 2000, XP, and Server 2003. The NBNS response may leak random memory contents from the target, potentially revealing sensitive data to remote attackers. Public details across connected documen...
CVE-2006-0988
CVE-2006-0988: The default configuration of the DNS Server on Windows Server 2003/2000 and Microsoft DNS Server on Windows NT 4.0 permits recursive queries and reveals delegation information to arbitrary IPs, enabling remote attackers to cause a denial of service (traffic amplification) via spoo...
CVE-2004-0575
CVE-2004-0575 is a Microsoft Windows vulnerability: an integer overflow in DUNZIP32.DLL (InnerMedia) that affects Windows XP/XP x64 and Windows Server 2003/64, caused by an unchecked buffer and improper length validation when handling ZIP-compressed folders. This allows remote code execution if a...
CVE-2003-0528
Technical details for CVE-2003-0528 are not publicly provided in the supplied documents. Monitor for updates from official advisories; related CVEs (e.g., CVE-2003-0352) are discussed but do not specify 0528 specifics.
CVE-2009-2502
CVE-2009-2502 is a GDI+ TIFF buffer overflow vulnerability that could allow remote code execution when processing a specially crafted TIFF image. The vulnerability affects multiple Microsoft products enabled via Internet Explorer 6 SP1, various Windows and Office suites, Viewer components, and re...
CVE-2004-0120
CVE-2004-0120 is a denial-of-service vulnerability in the Microsoft SSL library used by Windows 2000, Windows XP, and Windows Server 2003. A specially crafted malformed SSL message could cause the system to stop accepting SSL connections (Windows 2000/XP) or, on Windows Server 2003, to automatica...
CVE-2003-0818
CVE-2003-0818 covers a heap-based overflow in the Microsoft ASN.1 library (MSASN1.DLL) used by Windows components (LSASS.EXE, CRYPT32.DLL) on Windows NT 4.0/2000/XP. The vulnerability affects BER decoding of ASN.1 data, with two vectors: (1) very large length fields overwriting heap data, and (2)...
CVE-2009-2510
Technical details for CVE-2009-2510 are not publicly provided in the connected documents. Please monitor for updates.
CVE-2005-2117
CVE-2005-2117 refers to a remote code execution vulnerability in the Windows Shell Web View script injection. The issue arises in Web View in Windows Explorer when previewing files, where certain HTML characters in preview fields can be crafted to execute arbitrary code on affected systems. Affec...
CVE-2008-0020
Technical details about CVE-2008-0020 are not publicly available in the provided connected documents. Monitor for updates as new information becomes public.
CVE-2008-0015
CVE-2008-0015 is a stack-based buffer overflow in ATL’s CComVariant::ReadFromStream used by the MPEG2TuneRequest ActiveX control in msvidctl.dll (DirectShow). The vulnerability affects multiple Windows versions (2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2) and allows rem...
CVE-2007-0843
CVE-2007-0843 concerns the ReadDirectoryChangesW API on Windows 2000/XP/2003/Vista. The vulnerability arises because ReadDirectoryChangesW does not check the caller’s permissions for child directories, allowing a user with LIST access to a parent folder to monitor and infer information about file...
CVE-2007-0038
CVE-2007-0038 is a stack-based buffer overflow in Windows’ animated cursor handling (LoadAniIcon) affecting Windows 2000 SP4 through Vista, triggered by malformed RIFF ANI/cur/ico files and causing memory corruption in cursor/icon processing. A remote attacker could execute arbitrary code or caus...
CVE-2007-1748
This CVE refers to a stack-based buffer overflow in the Microsoft DNS Server RPC interface (DnssrvQuery) that can be triggered by a long zone name containing escape sequences, leading to remote code execution. Affected products include Windows 2000 Server and Windows Server 2003 (SP1/SP2). The un...
CVE-2003-0715
CVE-2003-0715 describes a heap-based buffer overflow in the Windows RPCSS DCOM interface that can be triggered by a malformed DCERPC DCOM object activation request with modified length fields, enabling remote code execution. Affected: Windows NT 4.0 SPx, 2000, XP, and Server 2003 (DCOM RPC interf...
CVE-2005-1206
CVE-2005-1206 describes a remote code execution vulnerability in Microsoft Windows SMB implementation. The SMB packet validation process contains a buffer-handling flaw that can allow an unauthenticated attacker to execute arbitrary code by sending specially crafted SMB packets. Affected products...
CVE-2009-1537
Summary of CVE-2009-1537 (DirectShow QuickTime parsing): A remote code execution vulnerability exists in the DirectShow QuickTime Movie Parser Filter (quartz.dll) within DirectX, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2, and potentially DirectX 7.0–9.0c. Exploitation requires a...
CVE-2009-2504
CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...