62 matches found
CVE-2004-0230
Technical details beyond the public description are not provided in the supplied documents. CVE-2004-0230 describes a TCP sequence-number guessing/RST-injection denial-of-service under large window size; no remediation details are given here.
CVE-2006-0010
CVE-2006-0010 describes a heap-based buffer overflow in T2EMBED.DLL on Windows platforms (Windows 98/ME, Windows 2000 SP4, Windows XP SP1/SP2, Windows Server 2003 up to SP1). The overflow is triggered while Windows decompresses Embedded Open Type (EOT) fonts referenced by web pages or email, allo...
CVE-2004-0597
CVE-2004-0597 describes multiple buffer overflows in libpng 1.2.5 and earlier caused by insufficient bounds checks in png_handle_tRNS, png_handle_sBIT, and png_handle_hIST. This allows remote attackers to execute arbitrary code via crafted PNG images. Connected sources note that some advisories p...
CVE-2004-0790
CVE-2004-0790 describes a denial-of-service condition caused by spoofed ICMP error messages that disrupt TCP connections. In published connected materials, the vulnerability is tied to BIG-IP products, notably FastL4 accelerated virtual servers on ePVA-equipped platforms (e.g., VIPRION blades and...
CVE-2002-0862
CVE-2002-0862 concerns the CryptoAPI in Microsoft products (Windows 98 through XP; Office for Mac; IE for Mac; Outlook Express for Mac). The issue: the CertGetCertificateChain, CertVerifyCertificateChainPolicy, and WinVerifyTrust APIs fail to properly verify the Basic Constraints of intermediate ...
CVE-2002-0053
Technical details about CVE-2002-0053 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2002-2185
The CVE-2002-2185 issue concerns a flaw in IGMP processing in the Linux kernel that could let a local attacker cause a denial of service by sending an IGMP membership report addressed to a target’s Ethernet address rather than the multicast group address. Public advisories (e.g., RHSA-2006:0101 a...
CVE-2000-1218
The CVE relates to Microsoft Windows 98, NT 4.0, 2000, and XP where the default domain name resolver configuration sets QueryIpMatching to 0. This causes the resolver to accept DNS updates from hosts it did not query, enabling DNS cache poisoning by a remote attacker. The PTSecurity entry confirm...
CVE-2001-0876
CVE-2001-0876 describes a buffer overflow in the UPnP NOTIFY handling on Windows XP, ME, 98/98SE, exploitable via a long Location URL in NOTIFY directives. OpenVAS and CERT/CC advisories corroborate a remote-code-execution risk with SYSTEM privileges on XP (and similar impacts on ME/98/98SE); a s...
CVE-2004-0201
The CVE-2004-0201 entry documents a heap-based buffer overflow in the HTML Help viewer hh.exe used by HTML Help (.chm) on Windows platforms (Windows 98, Me, NT 4.0, 2000, XP, and Server 2003). The vulnerability allows remote code execution via a .CHM file with a large length field, enabling an at...
CVE-2004-0901
CVE-2004-0901 (Font Conversion Vulnerability) affects the Word for Windows 6.0 Converter (MSWRD632.WPC) used by WordPad. A crafted Word/RTF/WRI/DOC file can trigger a buffer/length-check flaw, leading to remote code execution when opened by WordPad. Public advisories (MS04-041) document tw...
CVE-2001-0877
CVE-2001-0877 describes an unchecked buffer in Windows UPnP NOTIFY handling that can allow remote attackers to cause denial of service or execute code with SYSTEM privileges on Windows XP (and related UPnP-enabled Windows 98/ME). Exploitation via specially malformed NOTIFY messages (SSDP) can tri...
CVE-2005-0416
CVE-2005-0416 describes a stack-based buffer overflow in the Windows Animated Cursor (ANI) handling. The vulnerability affects Windows NT, Windows 2000 (SP4), Windows XP (SP1), and Windows 2003, where a crafted AnimationHeaderBlock length field can lead to remote code execution or memory corrupti...
CVE-2006-2376
A remote code execution vulnerability exists in Microsoft Windows’ Graphics Rendering Engine due to an integer overflow in the WMF/EMF PolyPolygon handling. The heap-based overflow is triggered when the sum of vertex counts and the number of polygons is added and multiplied without 32-bit overflo...
CVE-2002-1257
The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...
CVE-2004-0571
CVE-2004-0571 describes a remote code execution vulnerability in the Word for Windows 6.0 Converter used by WordPad. A crafted Word 6.0 document could trigger an unchecked data length/buffer handling in the converter, enabling an attacker to execute arbitrary code on a vulnerable system when the ...
CVE-2000-1039
CVE-2000-1039 (Naptha) describes DoS in various TCP/IP stacks and network apps where remote attackers flood a target with TCP connection attempts and complete the TCP handshake without maintaining state, exhausting resources and causing partial availability impact. Connected documents confirm the...
CVE-2005-0059
The CVE-2005-0059 issue is a buffer overflow in the Microsoft Message Queuing (MSMQ) service’s processing of messages. The vulnerability affects MSMQ on Windows 2000 and Windows XP SP1 (per the CVE/NVD entries) and is exploitable via the MSMQ RPC/queue handling interface, enabling remote code exe...
CVE-2003-0469
CVE-2003-0469 describes a buffer overflow in the HTML Converter (html32.cnv) used by Windows applications (via IE and other components). The flaw can be triggered during a cut‑and‑paste operation with a crafted HR tag (align attribute), potentially allowing remote code execution with the privileg...
CVE-2005-0053
Summary of CAN-2005-0053 (CVE-2005-0053): In Internet Explorer 5.01, 5.5, and 6, drag-and-drop events can be exploited to write arbitrary files or execute code on the local system via malicious drag-and-drop content. Microsoft’s fix is delivered in two security updates: MS05-014 (CVE CAN-2005-00...
CVE-2002-1325
CVE-2002-1325 affects Microsoft Virtual Machine (VM) versions up to build 5.0.3805. A Java applet that accesses the user.dir system property can disclose the local user’s username to a remote attacker, via a crafted page or email. CERT notes the vulnerability could leak the user’s system path and...
CVE-2004-0202
CVE-2004-0202 concerns a denial-of-service vulnerability in the DirectPlay API, specifically the IDirectPlay4 interfaces of DirectPlay within Microsoft DirectX. The issue arises from insufficient input/packet validation of incoming network data, enabling a remote attacker to crash a DirectPlay-ba...
CVE-2005-0044
CVE-2005-0044 is the Input Validation Vulnerability in the Windows OLE component that could allow remote code execution. NVD and NVD-derived data agree that the issue affects Windows 98, 2000, XP, and Server 2003, as well as Exchange Server 5.0–2003, caused by improper validation of message lengt...
CVE-2005-0063
The CVE-2005-0063 issue stems from Windows Shell/MSHTA handling of file associations. A remote code execution vulnerability exists when a user opens a specially crafted OLE2 document (e.g., Word) whose CLSID is manipulated to invoke HTML Application Host (MSHTA) to process the file. Exploitation ...
CVE-2003-1048
CVE-2003-1048 describes a double-free vulnerability in Internet Explorer’s GIF handling via mshtml.dll. The flaw affects IE6 and related builds where processing GIFs could allow a remote attacker to crash the application or, in some scenarios, execute arbitrary code. Public advisories (MS04-025) ...
CVE-2004-1319
The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...
CVE-2002-1260
The CVE-2002-1260 vulnerability affects Microsoft Virtual Machine (VM) 5.0.3805 and earlier, where the JDBC APIs can be exploited by an untrusted Java applet to bypass security checks and access database contents. This is a remote, network‑vector issue that allows partial confidentiality/integrit...
CVE-2003-0010
The CVE-2003-0010 issue is a heap-based overflow in the Windows Script Engine (JsArrayFunctionHeapSort in JScript.dll) that can allow remote code execution via a malicious web page or HTML e-mail. The affected component is Windows Script Engine/JScript.dll; the exploit arises from handling large array in...
CVE-2004-1305
CVE-2004-1305 refers to a denial-of-service vulnerability in the Windows kernel related to how animated cursor and icon formats are processed. The weakness, described in MS05-002 and related CERT advisories, can be triggered by specially crafted cursor/icon/ani files viewed via Web pages or email...
CVE-2000-0168
CVE-2000-0168 affects the Microsoft Windows 9x family. The vulnerability arises when a pathname contains MS-DOS device names (e.g., CON\CON, AUX, etc.), which can cause a denial of service (system freeze/reboot) when accessed via certain services. OpenVAS-derived entries describe exploitation pat...
CVE-2002-0693
The CVE-2002-0693 issue affects multiple Windows platforms (Windows 98, 98 SE, Millennium, NT 4.0 and Terminal Server, Windows 2000, Windows XP) through the HTML Help ActiveX control (hhctrl.ocx). The root cause is an unchecked buffer (buffer overflow) in the HTML Help facility ActiveX module that could b...
CVE-2005-0058
CVE-2005-0058 describes a buffer overflow in the Windows Telephony API (TAPI) that can allow either remote code execution or local privilege elevation, depending on OS/version and configuration. Affected platforms include Windows 98/98 SE/ME, Windows 2000, Windows XP, and Windows Server 2003. The...
CVE-2006-0012
CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...
CVE-1999-0909
CVE-1999-0909 affects multihomed Windows systems. The vulnerability allows a remote attacker to bypass IP source routing restrictions by sending a malformed IP options packet, named the “Spoofed Route Pointer.” The connected Red Hat and CVE listings reference the same description. No explicit pro...
CVE-2001-0721
The CVE-2001-0721 entry concerns Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP. The flaw allows remote attackers to cause a denial of service (memory consumption or crash) by sending a malformed UPnP request. The affected stack is UPnP handling in Windows, with NETWORK attack vec...
CVE-2002-0070
CVE-2002-0070 describes a buffer overflow in the Windows Shell (the Windows Desktop environment) that can allow arbitrary code execution. The vulnerability stems from an unchecked buffer in the URL handler mapping for applications that have been partially removed; if an application with custom UR...
CVE-2002-1258
CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...
CVE-2006-1313
CVE-2006-1313 is the Microsoft JScript memory corruption remote code execution vulnerability documented in MS06-023. It affects JScript in Windows 98/Me, Windows 2000 SP4, Windows XP (incl. SP1/SP2), and Windows Server 2003 families, including x64/Itanium variants, where JScript may release objec...
CVE-2004-0123
CVE-2004-0123 (ASN.1 “Double Free”) affects Windows platforms including NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The issue is a potential memory-management error caused by a possible double-free condition in the Microsoft ASN.1 Library, which could lead to memory corruption and,...
CVE-2005-1793
CVE-2005-1793 affects Microsoft Windows 98SE (and possibly other operating systems) via User32.DLL. A crafted icon (.ico) bitmap file with unusually large width and height values can cause a denial of service (crash). The vulnerability is described as allowing local and remote DoS; CVSS 2.0 base ...
CVE-2001-0238
The CVE-2001-0238 entry concerns Microsoft Data Access Component Internet Publishing Provider (ID 8.103.2519.0 and earlier). The available connected documents describe that remote attackers can bypass Security Zone restrictions through WebDAV requests. The root cause details are not explicitly st...
CVE-1999-0875
Technical details (affected products/versions, exploitation, or mitigations) for CVE-1999-0875 are not provided in the supplied documents. Monitor for updates and additional disclosures.
CVE-2002-0694
The CVE-2002-0694 issue is tied to an unchecked buffer in Windows Help (Q323255) that affected Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP. Root cause: a vulnerability in the HTML Help facility could allow a remote attack...
CVE-2004-0839
CVE-2004-0839 is the IE Drag-and-Drop Vulnerability. The connected docs show it as a publicly disclosed CAN-2005-0053 vulnerability, which was addressed by Microsoft security updates MS05-014 and related MS05-008. The vulnerability arises from Internet Explorer handling drag-and-drop events, allo...
CVE-2006-0006
CVE-2006-0006 is a heap-based buffer overflow in Windows Media Player’s bitmap processing. A crafted BMP can trigger an overflow when the file declares a size of 0, allowing remote code execution. Affected products/versions include Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on W...
CVE-2005-0061
CVE-2005-0061 (Windows kernel elevation of privilege) is a local privilege-elevation vulnerability in the Windows kernel (Windows 2000, XP SP1/SP2, Windows Server 2003) caused by the way the kernel processes certain access requests. An attacker with valid logon credentials and local access could ...
CVE-2000-0790
The CVE-2000-0790 entry describes a local scenario in IE 5.5 on Windows 98 where modifying Folder.htt and invoking the default execute option via the ShellDefView ActiveX control could cause Trojan horses to be run for the first listed file. No explicit affected versions beyond IE 5.5 on Windows ...
CVE-2000-0979
CVE-2000-0979 affects Windows 95/98/Me File and Print Sharing. The service does not properly enforce file-share passwords, allowing a remote attacker to bypass access controls by sending a 1‑byte password that matches the first character of the real password. The documented impact is partial conf...
CVE-2005-0057
Microsoft’s MS05-015 fixes a remote code execution flaw in the Hyperlink Object Library (Hlink.dll) affecting Windows 98, 2000, XP, and Server 2003. The vulnerability arises from an unchecked buffer when handling hyperlinks, potentially allowing arbitrary code execution if a user clicks a crafted...
CVE-2006-0020
CVE-2006-0020 describes a WMF parsing memory corruption affecting Internet Explorer on Windows platforms (e.g., IE 5.01 SP4 on 2000 SP4; 5.5 SP2 on Millennium) where a crafted WMF file with manipulated header size (potential integer overflow) can crash the process and may allow code execution. Th...