58 matches found
CVE-2005-0060
CVE-2005-0060 is a local privilege-elevation vulnerability in the Windows font-processing subsystem caused by an unchecked buffer when handling certain fonts. A logged-on user could gain full control of an affected system by running a specially crafted application. Affected platforms include Wind...
CVE-2005-1214
CVE-2005-1214 involves a spoofing flaw in Microsoft Agent that could allow remote attackers to impersonate trusted Internet content and potentially execute arbitrary code when a user visits a malicious Web page. Connected docs confirm the vulnerability (CAN-2005-1214) exists in Microsoft Agent an...
CVE-2005-1184
The CVE-2005-1184 entry describes a DoS in the TCP/IP stack across multiple operating systems: a remote attacker sends a TCP packet with the correct sequence number but an incorrect Acknowledgement number, triggering a flood of keep-alive packets and CPU consumption. The impact is listed as Parti...
CVE-2005-1191
Summary : CVE-2005-1191 affects the Web View DLL (webvw.dll) used by Windows Explorer on Windows 2000. The flaw arises from insufficient validation of the Author field in file metadata, allowing an attacker to craft a name that, when Web View creates a mailto: link in the preview pane, results in...
CVE-2005-1212
CVE-2005-1212 is a buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe). A crafted bookmark link file with a long User field in extensions .cbo/.cbl/.cbm allows remote code execution, running with the caller’s privileges. The issue affects Step-by-Step Interactive Training ...
CVE-2005-2388
CVE-2005-2388 describes a buffer overflow in a USB driver used on Microsoft Windows that could allow an attacker to execute arbitrary code. The provided documents do not specify the affected product name, exact driver version, or root cause details beyond the general buffer overflow. Exploit info...
CVE-2006-0143
The Connected advisory CPAI-2006-171 documents a denial-of-service flaw in Microsoft Windows’ Graphics Rendering Engine (GRE) when parsing certain WMF files. Specifically, a crafted WMF with ExtCreateRegion or ExtEscape calls can trigger a memory read/parse error in GRE, causing the host applicat...
CVE-2000-0980
This CVE concerns the NMPI listener component of Microsoft NWLink. The affected element is the NMPI (Name Management Protocol on IPX) listener in NWLink, which fails to properly filter packets originating from a broadcast address. Under this flaw, remote attackers can trigger a broadcast storm an...