6 matches found
CVE-2004-0230
Technical details beyond the public description are not provided in the supplied documents. CVE-2004-0230 describes a TCP sequence-number guessing/RST-injection denial-of-service under large window size; no remediation details are given here.
CVE-1999-1593
The connected documents confirm CVE-1999-1593 affects the Windows Internet Naming Service (WINS) and enables remote attackers to cause denial of service or credential theft by a crafted 1Ch registration that redirects the domain controller to a malicious server. The impact is described as complet...
CVE-2002-0862
CVE-2002-0862 concerns the CryptoAPI in Microsoft products (Windows 98 through XP; Office for Mac; IE for Mac; Outlook Express for Mac). The issue: the CertGetCertificateChain, CertVerifyCertificateChainPolicy, and WinVerifyTrust APIs fail to properly verify the Basic Constraints of intermediate ...
CVE-2000-1218
The CVE relates to Microsoft Windows 98, NT 4.0, 2000, and XP where the default domain name resolver configuration sets QueryIpMatching to 0. This causes the resolver to accept DNS updates from hosts it did not query, enabling DNS cache poisoning by a remote attacker. The PTSecurity entry confirm...
CVE-2003-1048
CVE-2003-1048 describes a double-free vulnerability in Internet Explorer’s GIF handling via mshtml.dll. The flaw affects IE6 and related builds where processing GIFs could allow a remote attacker to crash the application or, in some scenarios, execute arbitrary code. Public advisories (MS04-025) ...
CVE-2003-0813
Technical details for CVE-2003-0813 are not publicly provided in the supplied documents; no concrete affected products/versions or fixes are listed. Monitor for updates.