56 matches found
CVE-2005-1214
CVE-2005-1214 involves a spoofing flaw in Microsoft Agent that could allow remote attackers to impersonate trusted Internet content and potentially execute arbitrary code when a user visits a malicious Web page. Connected docs confirm the vulnerability (CAN-2005-1214) exists in Microsoft Agent an...
CVE-2001-0003
The CVE-2001-0003 entry concerns Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me. The issue is that WEC does not correctly process Internet Explorer security settings for NTLM authentication, which can allow an attacker to obtain NTLM credentials and potentially o...
CVE-2005-2388
CVE-2005-2388 describes a buffer overflow in a USB driver used on Microsoft Windows that could allow an attacker to execute arbitrary code. The provided documents do not specify the affected product name, exact driver version, or root cause details beyond the general buffer overflow. Exploit info...
CVE-2001-1552
CVE-2001-1552 affects Windows ME where the service ssdpsrv.exe can be triggered remotely to cause a denial of service by sending multiple newline characters in an SSDP message. The NVD/CVE records describe the vulnerability as a DoS condition without mentioning code-level details, impacted versio...
CVE-2006-0143
The Connected advisory CPAI-2006-171 documents a denial-of-service flaw in Microsoft Windows’ Graphics Rendering Engine (GRE) when parsing certain WMF files. Specifically, a crafted WMF with ExtCreateRegion or ExtEscape calls can trigger a memory read/parse error in GRE, causing the host applicat...
CVE-2000-0980
This CVE concerns the NMPI listener component of Microsoft NWLink. The affected element is the NMPI (Name Management Protocol on IPX) listener in NWLink, which fails to properly filter packets originating from a broadcast address. Under this flaw, remote attackers can trigger a broadcast storm an...