229 matches found
CVE-2008-1457
CVE-2008-1457 describes a remote code execution vulnerability in the Microsoft Windows Event System. The flaw occurs when creating per-user subscriptions, allowing an attacker with valid logon credentials to craft a subscription request that could run arbitrary code with system privileges. Affect...
CVE-2010-0023
CVE-2010-0023 affects the Client/Server Runtime Subsystem (CSRSS) on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The vulnerability stems from CSRSS not properly terminating processes after user logout, enabling a local attacker to gain privileges or access sensitive information via a craft...
CVE-2010-0491
CVE-2010-0491 is the IE HTML Object Memory Corruption vulnerability (Use-after-free) affecting Internet Explorer 5.01 SP4, 6, and 6 SP1. Exploitation requires crafting a page with an onreadystatechange handler to trigger arbitrary code execution; Microsoft documented this as part of MS10-018 and ...
CVE-2010-2740
The CVE-2010-2740 entry corresponds to two Windows OpenType Font (OTF) format driver vulnerabilities (CVE-2010-2740 and CVE-2010-2741) affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The OpenType Font (OTF) format driver is vulnerable in how it allocates memory when parsing specially cr...
CVE-2011-0030
CVE-2011-0030 describes a CSRSS Elevation of Privilege vulnerability in Windows XP SP2/SP3 and Windows Server 2003 SP2. The Client/Server Run-time Subsystem (CSRSS) does not properly terminate processes after a user logs out, allowing a local attacker to keep a crafted process running into the ne...
CVE-2011-0087
The CVE-2011-0087 issue concerns the Windows kernel-mode driver win32k.sys, where user-mode input is not properly validated. This enables local privilege escalation, potentially allowing an attacker to gain complete control of the affected system. Affected products include Windows XP (SP2/SP3), S...
CVE-2011-0658
CVE-2011-0658 corresponds to Microsoft Windows OLE Automation Remote Code Execution via a malformed WMF in oleaut32.dll. Public sources (MS11-038) and multiple security analyses describe an integer underflow in the WMF parsing path, leading to arbitrary code execution when a user opens a crafted ...
CVE-2011-1230
CVE-2011-1230 affects Windows kernel components, specifically win32k.sys in the kernel-mode drivers. The vulnerability is a NULL pointer de-reference in win32k.sys, leading to local privilege escalation. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP1...
CVE-2011-1238
CVE-2011-1238 describes a use-after-free bug in the Windows kernel driver component win32k.sys. The issue affects multiple Windows lineages (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold, R2, and R2 SP1, and Windows 7 Gold/SP1) and is triggered by incorrect management of kernel-mod...
CVE-2011-1239
CVE-2011-1239 is a use-after-free vulnerability in the Windows kernel-mode driver win32k.sys that allows local privilege escalation. A crafted action exploits incorrect driver object management to gain full control. Affected products/versions include Windows XP (SP2, SP3), Windows Server 2003 (SP...
CVE-2011-1283
The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...
CVE-2011-1883
CVE-2011-1883 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) across Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 SP1. The flaw stems from incorrect driver object management in kernel-mode, enabling local privilege escalation to ...
CVE-2007-5133
Microsoft Windows Explorer (explorer.exe) is affected by CVE-2007-5133. A crafted PNG file with a large tEXt chunk may trigger an integer overflow in PNG chunk size handling, allowing user‑assisted remote attackers to cause a denial of service (CPU consumption). The connected sources explicitly d...
CVE-2011-1241
The CVE-2011-1241 entry details a use-after-free in the Windows kernel-mode driver Win32k.sys that can allow local privilege escalation via crafted code, due to incorrect driver object management. Affected products/versions include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP...
CVE-2011-1242
CVE-2011-1242 is a Win32k.sys use-after-free local privilege-escalation vulnerability. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, and Windows 7 SP1. Cause: incorrect management of kernel-mode driver objects in win32k.sys leading to use-after-free...
CVE-2011-1875
CVE-2011-1875 is a use-after-free vulnerability in win32k.sys within kernel-mode drivers that enables local privilege escalation by exploiting incorrect driver object management. Affected systems include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/...
CVE-2011-1881
CVE-2011-1881 affects Windows kernel-mode drivers, specifically win32k.sys, with a NULL pointer dereference vulnerability that enables local privilege escalation. Affected products include Windows XP SP2–SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2 and R2 S...
CVE-2011-1970
The CVE-2011-1970 issue affects Microsoft Windows DNS Server (notably on Windows Server 2003 SP2 and Windows Server 2008 SP2, R2 and R2 SP1). It is a memory handling vulnerability where memory is not properly initialized when processing a query for a nonexistent domain, enabling a remote attacker...
CVE-2013-3866
CVE-2013-3866 is a Windows kernel‑mode driver privilege escalation in Win32k.sys affecting multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8, Server 2012, Windows RT). The root cause is a crafted application that allows local users to gain...
CVE-2009-4313
The CVE-2009-4313 issue affects the Microsoft Windows Indeo32 codec (ir32_32.dll 3.24.15.3) in Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The underlying flaw is malformed data in a stream within media files (e.g., AVI), which can lead to heap corruption and allow remote code execution or ...
CVE-2010-2741
CVE-2010-2741 is a local elevation-of-privilege vulnerability in the Windows OpenType Font (OTF) format driver. OpenType fonts processed by the OTF driver could trigger improper integer calculations during parsing, enabling kernel-mode code execution when a specially crafted font is opened locall...
CVE-2010-3942
CVE-2010-3942 affects Windows kernel-mode driver win32k.sys, where memory allocation for copies from user mode is flawed, enabling local privilege escalation on affected Windows versions (XP SP2/SP3, 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). Connected sources corroborate t...
CVE-2011-0667
CVE-2011-0667 is a local privilege-escalation in the Windows kernel (win32k.sys) caused by a use-after-free in driver object management. A crafted application can abuse this to gain kernel privileges on affected systems, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2...
CVE-2011-1225
The CVE-2011-1225 issue affects the Windows kernel32k subsystem: specifically, win32k.sys in kernel-mode drivers allows local privilege escalation via a NULL pointer de-reference. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP1–SP2), Windows Server 20...
CVE-2011-1236
CVE-2011-1236 is a use-after-free vulnerability in win32k.sys (kernel-mode driver) affecting multiple Windows OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). The issue arises from incorrect driver object management in the Win32k subsys...
CVE-2011-1868
The CVE-2011-1868 issue affects Microsoft Windows DFS (Distributed File System) implementations on Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is improper validation of fields in DFS responses, allowing remote DFS servers to cause arbitrary code execution via crafted responses ...
CVE-2011-1869
The CVE-2011-1869 issue affects the Distributed File System (DFS) implementation on multiple Windows platforms (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). A crafted DFS referral response can be sent by a remote ...
CVE-2011-1878
CVE-2011-1878 is a use-after-free vulnerability in win32k.sys, the kernel-mode driver component of Windows. A crafted local access application can trigger improper driver object management, enabling a local user to escalate privileges. Affected products include Windows XP SP2/SP3, Windows Server ...
CVE-2013-3865
Win32k Multiple Fetch Vulnerability (CVE-2013-3865) affects multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8, Server 2012, Windows RT). It allows local privilege escalation through a crafted application affecting win32k.sys in kernel-mode drivers...
CVE-2008-1456
CVE-2008-1456 describes a remote code execution vulnerability in the Windows Event System caused by improper validation when indexing an array of function pointers. Affected products include Windows 2000 SP4, XP (SP2/SP3), Server 2003 (SP1/SP2), Vista (initial and SP1), and Server 2008. The issue...
CVE-2010-3959
CVE-2010-3959 affects the Microsoft OpenType Font (OTF) driver. A crafted CMAP table in an OpenType font can cause local privilege escalation on Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2, and Windows 7. Root cause: incorrect handling/parsi...
CVE-2010-4669
The CVE-2010-4669 entry concerns the IPv6 Neighbor Discovery (ND) router advertisement flood vulnerability. Affected products include the IPv6 stack in Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7. The issue arises when an attacker sends many Router Advertise...
CVE-2011-0086
CVE-2011-0086 pertains to win32k.sys in affected Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7) where user-mode input is not properly validated by kernel-mode drivers. This enables local privilege escalation via a crafted application. Acknowledge...
CVE-2011-0672
CVE-2011-0672 is a use-after-free vulnerability in the Windows kernel Win32k.sys (kernel-mode drivers). Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2/R2 SP1, and Windows 7 Gold/SP1. The issue stems from incorrect driv...
CVE-2013-1343
Technical details for CVE-2013-1343 are not publicly available in the provided documents; affected components, impact, and remediation are not specified here. Monitor for updates from NVD and EUVD sources.
CVE-2008-3464
CVE-2008-3464 (AFD Kernel Overwrite Vulnerability) is an elevation-of-privilege bug in the Microsoft AFD driver (afd.sys). It arises from improper validation of input passed from user mode to the Windows kernel, allowing a local attacker to execute arbitrary code with kernel privileges. Affected ...
CVE-2009-4210
CVE-2009-4210 describes memory corruption in the Microsoft Windows Indeo codec exposed by crafted media content, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The OpenVAS entries corroborate multiple vulnerabilities in the Indeo codec and list CVE-2009-4210 among the affected vulne...
CVE-2011-0033
The CVE-2011-0033 entry concerns a vulnerability in the OpenType Compact Font Format (CFF) driver in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, and Windows 7). The issue stems from improper validation of parameter values when parsing OpenType fonts...
CVE-2011-0089
CVE-2011-0089 affects Windows kernel-mode driver win32k.sys across multiple OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The issue is improper validation of user-mode data by the Win32k subsystem, enabling local users to gain privileges via a c...
CVE-2011-0660
The CVE-2011-0660 issue is a remote code execution vulnerability in the SMB client of several Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 SP1). Root cause: the SMB client incorrectly validates crafted SMB responses (SMBv1 or SMBv2), enablin...
CVE-2011-0670
CVE-2011-0670 describes a use-after-free vulnerability in win32k.sys within Windows kernel-mode drivers that enables local privilege escalation. Affected are Windows XP (SP2/SP3), Windows Server 2003 (SP2), Windows Vista (SP1/SP2), Windows Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold,...
CVE-2011-0671
The CVE-2011-0671 issue affects Windows kernel-mode driver win32k.sys and is caused by a use-after-free from incorrect driver object management. Affects Windows XP SP2-SP3, Server 2003 SP2, Vista SP1-SP2, Server 2008 Gold/SP2/R2 and R2 SP1, and Windows 7 Gold/SP1. Local privilege escalation is po...
CVE-2011-1227
CVE-2011-1227 affects the Windows kernel’s win32k.sys (kernel-mode drivers). The vulnerability is a NULL pointer de-reference in the Win32k subsystem that enables local attackers to gain privileges on multiple Windows versions, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista ...
CVE-2008-1445
CVE-2008-1445 corresponds to a denial-of-service vulnerability in Active Directory affecting Windows 2000 Server SP4, Windows XP Professional SP2/SP3, Windows Server 2003 SP1/SP2, and Windows Server 2008. The issue arises from insufficient validation of specially crafted LDAP requests, allowing r...
CVE-2009-4309
CVE-2009-4309 describes a heap-based buffer overflow in the Intel Indeo41 codec used by Windows Media Player, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises from missing bounds checking on a size field in the IV41/movi record of an IV41 stream, permitting remote atta...
CVE-2010-0235
CVE-2010-0235 is the Windows Kernel Symbolic Link Value Vulnerability. The provided documents confirm a denial-of-service impact (system becomes unresponsive and reboots) caused by improper validation of symbolic link values when created by the Windows kernel. Affected products (per MS10-021 and ...
CVE-2011-0043
CVE-2011-0043 affects Kerberos in Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is use of weak hashing (CRC32) in service tickets, enabling local privilege escalation by a crafted service ticket. Public mitigations are documented in MS11-013, which addresses Kerberos-related elev...
CVE-2011-0666
CVE-2011-0666 is a use-after-free vulnerability in the Windows kernel-mode driver win32k.sys affecting Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold, SP1). The issue arises from incorrect driver object manageme...
CVE-2011-0674
CVE-2011-0674 is a use-after-free in the Windows kernel-mode driver win32k.sys that allows local privilege escalation. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 SP2/R2, and Windows 7 SP1. Root cause: incorrect management of k...
CVE-2011-1234
CVE-2011-1234 is a use-after-free vulnerability in the Windows kernel-mode driver component win32k.sys that enables local privilege escalation. The issue arises from incorrect driver object management in the kernel, affecting multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, ...