66 matches found
CVE-2003-0352
CVE-2003-0352 describes a buffer overflow vulnerability in the DCOM RPC interface (RPCSS) of Windows NT 4.0 SP3-6a, Windows 2000, XP, and Server 2003. The issue is a stack/heap buffer overflow triggered by a malformed DCERPC DCOM object activation request with modified length fields, allowing rem...
CVE-2006-0010
CVE-2006-0010 describes a heap-based buffer overflow in T2EMBED.DLL on Windows platforms (Windows 98/ME, Windows 2000 SP4, Windows XP SP1/SP2, Windows Server 2003 up to SP1). The overflow is triggered while Windows decompresses Embedded Open Type (EOT) fonts referenced by web pages or email, allo...
CVE-2005-0356
CVE-2005-0356 affects F5 BIG-IP BIG-IP LTM 9.0.0–9.0.5; other listed BIG-IP lines are not affected (e.g., 9.1.x, 9.2.x, 9.3.x, 9.4.x, 9.6.x are Not Affected). The issue is described as inadequate validation for TCP segments with PAWS/timestamps, enabling a remote attacker to cause a denial of ser...
CVE-2003-0528
Technical details for CVE-2003-0528 are not publicly provided in the supplied documents. Monitor for updates from official advisories; related CVEs (e.g., CVE-2003-0352) are discussed but do not specify 0528 specifics.
CVE-2003-0661
The CVE-2003-0661 entry concerns the NetBIOS NBNS information disclosure vulnerability in Windows NT 4.0, 2000, XP, and Server 2003. The NBNS response may leak random memory contents from the target, potentially revealing sensitive data to remote attackers. Public details across connected documen...
CVE-2003-0818
CVE-2003-0818 covers a heap-based overflow in the Microsoft ASN.1 library (MSASN1.DLL) used by Windows components (LSASS.EXE, CRYPT32.DLL) on Windows NT 4.0/2000/XP. The vulnerability affects BER decoding of ASN.1 data, with two vectors: (1) very large length fields overwriting heap data, and (2)...
CVE-2003-0715
CVE-2003-0715 describes a heap-based buffer overflow in the Windows RPCSS DCOM interface that can be triggered by a malformed DCERPC DCOM object activation request with modified length fields, enabling remote code execution. Affected: Windows NT 4.0 SPx, 2000, XP, and Server 2003 (DCOM RPC interf...
CVE-2006-2370
CVE-2006-2370 describes a buffer/ memory corruption vulnerability in the Routing and Remote Access Service (RRAS) on Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1 and earlier. The flaw, triggered by certain crafted RPC-related requests to RRAS (RASMAN), allows remote attackers (authenticated ...
CVE-2005-1205
The CVE-2005-1205 issue is a documented information-disclosure vulnerability in the Microsoft Telnet client across Windows XP, Windows Server 2003, and Windows Services for UNIX. Exploitation arises from handling the Telnet NEW-ENVIRON command (SEND ENV_USERVAR), allowing a remote attacker to rea...
CVE-2005-4560
CVE-2005-4560 is a Windows GDI/WMF parsing vulnerability in GDI32.DLL that allows remote code execution via a crafted WMF image using the SETABORTPROC GDI Escape function, with SHIMGVW.DLL involved. The issue is tied to WMF/EMF processing in Windows, and public details describe arbitrary code exe...
CVE-2006-6696
CVE-2006-6696 is a CSRSS vulnerability in Windows where improper handling of a MessageBox call with MB_SERVICE_NOTIFICATION can send a crafted HardError to CSRSS, enabling remote code execution. Public details indicate the issue affects multiple Windows versions (Windows 2000, XP, Server 2003, Vi...
CVE-2003-0717
CVE-2003-0717 describes a buffer overflow in the Windows Messenger Service (NT through Server 2003). The root cause is improper validation of message length before writing to the allocated buffer, enabling remote code execution with the target’s privileges. Public sources (MS03-043) identify affe...
CVE-2004-0571
CVE-2004-0571 describes a remote code execution vulnerability in the Word for Windows 6.0 Converter used by WordPad. A crafted Word 6.0 document could trigger an unchecked data length/buffer handling in the converter, enabling an attacker to execute arbitrary code on a vulnerable system when the ...
CVE-2004-0901
CVE-2004-0901 (Font Conversion Vulnerability) affects WordPad’s Word for Windows 6.0 Converter (MSWRD632.WPC) used by WordPad. A crafted Word/RTF/WRI/ DOC file can trigger a buffer/length-check flaw, leading to remote code execution when opened by WordPad. Public advisories (MS04-041) document tw...
CVE-2003-0825
CVE-2003-0825 concerns the Windows Internet Naming Service (WINS) in Windows NT/2000/Server 2003 families, where malformed packets with improper lengths bypass WINS’ length validation. The result is a remote denial of service on Windows Server 2003 and, for older platforms, potential denial of se...
CVE-2004-0201
The CVE-2004-0201 entry documents a heap-based buffer overflow in the HTML Help viewer hh.exe used by HTML Help (.chm) on Windows platforms (Windows 98, Me, NT 4.0, 2000, XP, and Server 2003). The vulnerability allows remote code execution via a .CHM file with a large length field, enabling an at...
CVE-2005-0416
CVE-2005-0416 describes a stack-based buffer overflow in the Windows Animated Cursor (ANI) handling. The vulnerability affects Windows NT, Windows 2000 (SP4), Windows XP (SP1), and Windows 2003, where a crafted AnimationHeaderBlock length field can lead to remote code execution or memory corrupti...
CVE-2005-0045
CVE-2005-0045 is a remote code execution vulnerability in the SMB client/server implementation on Windows NT 4.0, 2000, XP and Server 2003. The issue stems from improper validation of SMB packets, enabling an attacker to execute arbitrary code by crafting SMB Transaction responses (notably Trans ...
CVE-2006-1184
CVE-2006-1184 describes a Denial of Service in Microsoft Windows’ Distributed Transaction Coordinator (MSDTC) that could crash the MSDTC service when a remote attacker sends a crafted BuildContextW message with a large UuidString or GuidIn. The issue affects MSDTC on Windows NT 4.0, 2000 SP4, XP ...
CVE-2006-2379
CVE-2006-2379 describes a buffer overflow in the Windows TCP/IP Protocol driver related to IP source routing. Affected products include Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1 and earlier. The root cause is an unchecked buffer length when processing IP source routing packets, potentiall...
CVE-2005-0053
Summary of CAN-2005-0053 (CVE-2005-0053) : In Internet Explorer 5.01, 5.5, and 6, drag-and-drop events can be exploited to write arbitrary files or execute code on the local system via malicious drag-and-drop content. Microsoft’s fix is delivered in two security updates: MS05-014 (CVE CAN-2005-00...
CVE-2006-0034
CVE-2006-0034 describes a heap-based buffer overflow in MSDTC’s RPC path (msdtcprx.dll BuildContextW/BuildContext) caused by an overly long fifth argument, triggering a bug in NdrAllocate. Affected products include Windows 2000/NT4-era MSDTC deployments, with the issue leading to denial of servic...
CVE-2004-0202
CVE-2004-0202 concerns a denial-of-service vulnerability in the DirectPlay API, specifically the IDirectPlay4 interfaces of DirectPlay within Microsoft DirectX. The issue arises from insufficient input/packet validation of incoming network data, enabling a remote attacker to crash a DirectPlay-ba...
CVE-2005-0044
CVE-2005-0044 is the Input Validation Vulnerability in the Windows OLE component that could allow remote code execution. The NVD/NVD-derived data unify that the issue affects Windows 98, 2000, XP, and Server 2003, as well as Exchange Server 5.0–2003, caused by improper validation of message lengt...
CVE-2005-0050
CVE-2005-0050 covers a remote code execution/DoS vulnerability in the Windows License Logging Service (LLS) affecting Windows NT Server, Windows 2000 Server, and Windows Server 2003. The root cause is an unchecked buffer due to improper validation of message lengths, enabling a specially crafted ...
CVE-2005-0063
The CVE-2005-0063 issue stems from Windows Shell/MSHTA handling of file associations. A remote code execution vulnerability exists when a user opens a specially crafted OLE2 document (e.g., Word) whose CLSID is manipulated to invoke HTML Application Host (MSHTA) to process the file. Exploitation ...
CVE-2004-0893
This CVE describes two privilege-elevation flaws in Windows components from 2004: (1) the Local Procedure Call (LPC) interface in the Windows kernel fails to validate message lengths, enabling a locally-authenticated attacker to gain full control; and (2) LSASS validates identity tokens improperl...
CVE-2005-1208
CVE-2005-1208 describes a remote code execution vulnerability in Microsoft HTML Help (CHM/InfoTech Storage protocols like ms-its, ms-itss, its, mk:@MSITStore). The root cause is an integer overflow/heap-based buffer overflow when processing crafted CHM content with a large size field, exploitable...
CVE-2004-0568
HyperTerminal for Windows NT 4.0/2000/XP/Server 2003 contains a buffer overflow in session file handling due to improper validation of a value’s length. This allows a remote attacker to execute arbitrary code when a user opens a malicious HyperTerminal session file (.ht), or follows a web/Telnet ...
CVE-2004-1319
The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...
CVE-2003-0659
CVE-2003-0659 describes a buffer-overflow in a function used by the Windows ListBox and ComboBox controls (User32.dll) that can be triggered by crafted Windows messages (LB_DIR/CB_DIR). This local, interactive vulnerability could allow an attacker who can log on to execute arbitrary code with the...
CVE-2004-1305
CVE-2004-1305 refers to a denial-of-service vulnerability in the Windows kernel related to how animated cursor and icon formats are processed. The weakness, described in MS05-002 and related CERT advisories, can be triggered by specially crafted cursor/icon/ani files viewed via Web pages or email...
CVE-2005-1218
CVE-2005-1218 describes a denial-of-service in the Microsoft Windows Remote Desktop Protocol (RDP) service affecting Windows 2000/XP/Server 2003. Root cause: an input-validation flaw in how RDP messages are processed, which could allow a remote attacker to crash the RDP service by sending a craft...
CVE-2006-0012
CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...
CVE-2006-0013
Mode C: Affected software and root cause: Microsoft Windows XP SP1/SP2 and Windows Server 2003 up to SP1 with the Web Client service (WebClnt.dll) are vulnerable. The issue is an unchecked buffer in the Web Client service that handles WebDAV/RPC messages, enabling remote code execution. Impact: a...
CVE-2003-0711
CVE-2003-0711 describes a stack-based buffer overflow in the PCHealth-HSC (Help and Support Center) HCP URL handling on Windows XP and Windows Server 2003. The unchecked buffer in the HCP protocol-handling file allows remote code execution with SYSTEM/Local privileges when a user clicks a crafted...
CVE-2004-0894
CVE-2004-0894 is a local elevation-of-privilege issue in LSASS on Microsoft Windows 2000 Server and Windows Server 2003. The vulnerability stems from incomplete validation of connection information by LSASS, allowing a locally authenticated user to gain complete control of the system by running a...
CVE-2005-0047
CVE-2005-0047 relates to a local privilege-escalation vulnerability in Windows OLE/COM Structured Storage handling (CAN-2005-0047) affecting Windows 2000, Windows XP, and Windows Server 2003. The root cause is improper validation of memory regions when processing COM structured storage files, ena...
CVE-2006-0032
Microsoft Windows Indexing Service vulnerability (CVE-2006-0032) is a cross-site scripting flaw in the Indexing Service component of Windows 2000/XP/Server 2003 when Encoding is set to Auto Select. An attacker can craft a UTF-7 URL that is injected into an error message, potentially executing scr...
CVE-2006-1313
CVE-2006-1313 is the Microsoft JScript memory corruption remote code execution vulnerability documented in MS06-023. It affects JScript in Windows 98/Me, Windows 2000 SP4, Windows XP (incl. SP1/SP2), and Windows Server 2003 families, including x64/Itanium variants, where JScript may release objec...
CVE-2004-1080
Summary: CVE-2004-1080 describes a remote memory overwrite in the Windows WINS service (wins.exe) via a crafted WINS replication packet sent to TCP port 42, which could allow arbitrary code execution. Affected products: Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003...
CVE-2003-0660
The CVE-2003-0660 issue is a vulnerability in the Authenticode verification mechanism used by Windows NT through Server 2003. Under low-memory conditions, an ActiveX control could be downloaded and installed without prompting the user, enabling remote code execution with the user’s privileges whe...
CVE-2005-1649
CVE-2005-1649 affects Windows XP SP2, Windows Server 2003 SP1, and Longhorn. It describes a LAND-like denial-of-service vector in IPv6 TCP/IP where a crafted TCP SYN packet uses the same source and destination IP and port, causing high CPU or unresponsiveness. The vulnerability is a variant of CV...
CVE-2006-0008
The CVE-2006-0008 issue affects the Korean Input Method Editor (IME) on Windows XP SP1/SP2, Windows Server 2003 up to SP1, and Office 2003. A privilege-elevation flaw exists in the Korean IME; an attacker who can log on (locally or via Remote Desktop/Terminal Services) could exploit the ShellAbou...
CVE-2004-1361
The CVE-2004-1361 issue affects Microsoft Windows where winhlp32.exe parses help files (.hlp). Affected: Windows NT, Windows 2000 (SP4), Windows XP (SP2), Windows 2003; vulnerability arises from an integer/length miscalculation in handling .hlp content, causing a heap-based buffer overflow. Conse...
CVE-2004-0839
CVE-2004-0839 is the IE Drag-and-Drop Vulnerability. The connected docs show it as a publicly disclosed CAN-2005-0053 vulnerability, which was addressed by Microsoft security updates MS05-014 and related MS05-008. The vulnerability arises from Internet Explorer handling drag-and-drop events, allo...
CVE-2005-0061
CVE-2005-0061 (Windows kernel elevation of privilege) is a local privilege-elevation vulnerability in the Windows kernel (Windows 2000, XP SP1/SP2, Windows Server 2003) caused by the way the kernel processes certain access requests. An attacker with valid logon credentials and local access could ...
CVE-2006-0021
The CVE-2006-0021 issue affects Microsoft Windows TCP/IP implementation on Windows XP SP1/SP2 and Windows Server 2003 up to SP1, where a specially crafted IGMPv3 packet can trigger a denial‑of‑service (system hang). Root cause: failure to properly validate IGMP packets in the TCP/IP stack, allowi...
CVE-2005-0057
Microsoft’s MS05-015 fixes a remote code execution flaw in the Hyperlink Object Library (Hlink.dll) affecting Windows 98, 2000, XP, and Server 2003. The vulnerability arises from an unchecked buffer when handling hyperlinks, potentially allowing arbitrary code execution if a user clicks a crafted...
CVE-2006-1591
CVE-2006-1591 describes a heap-based buffer overflow in Microsoft Windows Help winhlp32.exe caused by improper parsing of malformed .hlp files. The vulnerability permits user-assisted attackers to execute arbitrary code by crafting an embedded image data payload within a Windows Help (.hlp) file....