351 matches found
CVE-2013-1285
CVE-2013-1285 concerns Windows USB descriptor handling vulnerabilities in several Windows OS versions (XP SP2/SP3; Server 2003 SP2; Vista SP2; Server 2008 SP2/R2/R2 SP1; Windows 7; Windows 8; Server 2012). The issue arises from improper handling of objects in memory by USB kernel‑mode drivers, en...
CVE-2009-0088
CVE-2009-0088 describes a remote code execution vulnerability in the WordPerfect 6.x Converter (WPFT632.CNV) used by Word 2000 SP3 and the Office Converter Pack. The issue arises when the converter fails to properly validate the length of an input string, enabling a crafted WordPerfect 6.x docume...
CVE-2010-0233
CVE-2010-0233 – Windows kernel double free vulnerability : Elevation of privilege via a double free in the Windows Kernel when freeing memory. Affected: Windows 2000 SP4; XP SP2/SP3; Server 2003 SP2; Vista (Gold, SP1, SP2); Server 2008 (Gold SP2); and related editions. Root cause: improper memory...
CVE-2010-0489
The CVE-2010-0489 entry corresponds to a Race Condition Memory Corruption vulnerability in Microsoft Internet Explorer (affecting IE 5.01 SP4, 6, 6 SP1, and 7). The connected sources confirm a remote code execution scenario triggered by specially crafted HTML/Web content, with exploitation possib...
CVE-2010-0490
CVE-2010-0490 is an Uninitialized Memory Corruption vulnerability in Microsoft Internet Explorer (IE6, IE6 SP1, IE7, IE8) that could allow remote code execution when IE accesses an object that has not been properly initialized or has been deleted. Exploitation involves viewing a specially crafted...
CVE-2010-1882
CVE-2010-1882 corresponds to a memory corruption/buffer overflow in the Microsoft DirectShow MPEG Layer-3 Audio Codec (l3codecx.ax). The vulnerability exists in the MPEG Layer-3 codec used by Windows Media/DirectShow and can be triggered by a specially crafted MPEG‑L3 audio stream in a media file...
CVE-2010-3222
CVE-2010-3222 describes a stack-based buffer overflow in the Windows Local Procedure Call subsystem (RPCSS) affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability occurs during LPC–LRPC port message handling between LPC and the LRPC server, allowing a locally authenticated us...
CVE-2010-3943
CVE-2010-3943 affects Windows kernel-mode Win32k.sys, where driver objects are not properly linked, enabling local privilege escalation through linked-list corruption. Affected products include Windows XP (SP2/SP3), Windows Server 2003 (SP2), Windows Vista (SP1/SP2), Windows Server 2008 (Gold, SP...
CVE-2010-3974
CVE-2010-3974 is a memory corruption vulnerability in the Windows Fax Cover Page Editor (fxscover.exe) that occurs when parsing crafted Fax cover pages (.cov). A remote attacker could execute arbitrary code on affected systems by convincing a user to open a malicious fax cover page file. Affected...
CVE-2011-0090
CVE-2011-0090 concerns Win32k.sys in the kernel-mode drivers of affected Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The vulnerability stems from improper validation of data passed from user mode to kernel mode, enabling local privilege e...
CVE-2011-1885
The CVE-2011-1885 issue affects Win32k.sys in multiple Windows OS versions (Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). It is a local privilege escalation caused by a NULL pointer dereference in kernel‑mode drivers, allowing a crafted a...
CVE-2013-1283
CVE-2013-1283 affects Windows kernel-mode drivers, specifically Win32k.sys, with a local privilege-escalation due to race conditions from improper handling of memory objects. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, Wind...
CVE-2003-0813
Technical details for CVE-2003-0813 are not publicly provided in the supplied documents; no concrete affected products/versions or fixes are listed. Monitor for updates.
CVE-2009-2517
CVE-2009-2517 is part of a set of Windows kernel vulnerabilities described in MS09-058 with elevation-of-privilege and denial-of-service implications. The connected materials confirm: (1) the Windows kernel mishandles exceptions, enabling a local attacker with valid logon to cause a denial-of-ser...
CVE-2010-0483
CVE-2010-0483 targets VBScript.dll in VBScript 5.1/5.6/5.7/5.8 on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. When Internet Explorer is used, referencing a crafted .hlp file via the MsgBox function’s helpfile argument (local, UNC, or WebDAV) can lead to code execution via winhlp32.exe if t...
CVE-2011-1894
The CVE-2011-1894 issue affects the MHTML protocol handler used by Microsoft Windows components (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/R2, Windows 7 SP1). The vulnerability arises from improper handling of a MIME format in requests for embedded content within an HTML docume...
CVE-2013-1273
CVE-2013-1273 is a race condition in the win32k.sys kernel-mode driver that can allow local privilege escalation and reading arbitrary kernel memory on affected Windows platforms (XP SP2-SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP0-SP1). The vulnerability stems from timing/o...
CVE-2013-1340
CVE-2013-1340 is a Windows kernel local privilege-escalation vulnerability in the Win32k.sys component (Win32k Dereference Vulnerability). The flaw occurs in memory object handling within the Win32k kernel-mode driver and affects multiple Windows platforms including XP SP2/SP3, Server 2003 SP2, V...
CVE-2009-1547
CVE-2009-1547 concerns Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7. The issue is a remote code execution vulnerability triggered by a crafted data-stream header causing memory corruption in the browser. Technical details across connected docs show that this affects legacy IE versions an...
CVE-2010-0494
CVE-2010-0494 is the HTML Element Cross-Domain Vulnerability in Internet Explorer (IE6/6 SP1/7/8) that allows information disclosure when a user drags one IE window across another. The issue affects IE’s handling of cross-domain scripting context and is addressed by Microsoft Security Bulletin MS...
CVE-2010-0812
ISATAP IPv6 Source Address Spoofing vulnerability (CVE-2010-0812) affects Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, and Server 2008 SP2. The flaw in the Windows TCP/IP stack checks the inner IPv6 source in tunneled ISATAP packets, enabling spoofing that could bypass IPv4 source-address ...
CVE-2011-3408
CVE-2011-3408 describes a local privilege-escalation vulnerability in the Windows Client/Server Run-time Subsystem (CSRSS). Csrsrv.dll in CSRSS fails to properly check permissions when a lower-integrity process sends inter-process device-event messages to a higher-integrity process, allowing a lo...
CVE-2013-3879
Win32k Use After Free Vulnerability (CVE-2013-3879): a local privilege-escalation in the win32k.sys kernel-mode driver affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8, Server 2012, and RT. Root cause: use-after-free in memory object handling within the W...
CVE-2015-1645
CVE-2015-1645 is a remote code execution vulnerability affecting Windows NT-based clients/servers (Windows Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1). It stems from a flaw in EMF processing in GDI32.dll (MRSETDIBITSTODEVICE::bPlay), enabling remote attackers to execute arb...
CVE-2009-0093
MS09-008 fixes multiple DNS/WINS vulnerabilities in Windows servers that could allow remote attackers to spoof WPAD/ISATAP and hijack network traffic. The WPAD vulnerability (CVE-2009-0093) arises when dynamic updates are enabled and WPAD/ISATAP registrations are not restricted in DNS, enabling a...
CVE-2009-0232
CVE-2009-0232: A remote-code-execution vulnerability in the Embedded OpenType (EOT) Font Engine. An integer overflow occurs while parsing EOT name tables, affecting Windows 2000 SP4; XP SP2/SP3; Server 2003 SP2; Vista SP1/SP2; and Server 2008 Gold/SP2. An attacker could exploit this via a crafted...
CVE-2009-1919
Microsoft Internet Explorer variants 5.01–8 on Windows 2000–Vista/Server 2003/2008 are affected by an Uninitialized Memory Corruption vulnerability in memory handling of deleted objects when processing HTML with embedded style sheets. The connected KB describes MS09-034 (Cumulative Security Updat...
CVE-2009-2531
CVE-2009-2531 corresponds to an Uninitialized Memory Corruption vulnerability in Microsoft Internet Explorer (IE 6, 6 SP1, 7, and 8). The connected MSKB MS09-054 describes a cumulative security update that mitigates remote code execution by requiring users visit a malicious page; applying the MS0...
CVE-2010-2738
Microsoft Windows/Office Uniscribe (USP10.DLL) vulnerability CVE-2010-2738 involves improper validation of tables in OpenType fonts, leading to remote code execution via crafted web pages or Office documents. Affected components include USP10.DLL across Windows XP SP2/SP3, Server 2003 SP2, Vista ...
CVE-2010-3940
CVE-2010-3940 is a Windows kernel-mode driver (win32k.sys) vulnerability described as a double-free in the Win32k PFE pointer handling that could allow local privilege elevation. Affected platforms include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Go...
CVE-2011-0028
CVE-2011-0028 concerns a vulnerability in Microsoft WordPad Text Converters used by WordPad on Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is an error in the WordPad converter that fails to correctly parse certain Word document fields (notably sprmTTextFlow and sprmTSplit), all...
CVE-2011-1247
CVE-2011-1247 describes an untrusted search path vulnerability in the Microsoft Active Accessibility component that affects Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 RTM/SP1. The underlying flaw is insecure library loading (DLL l...
CVE-2011-1248
CVE-2011-1248 affects Microsoft Windows WINS (the Windows Internet Name Service) on Windows Server 2003 SP2 and Windows Server 2008 Gold/SP2/R2/R2 SP1. The vulnerability arises from a logic error in handling socket send exceptions in the wins.exe service, leaving certain user-supplied values in a...
CVE-2012-0001
CVE-2012-0001 details (Windows kernel SafeSEH bypass). The vulnerability arises from the kernel’s improper loading of structured exception handling (SEH) tables in Windows XP SP2, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2/R2 SP1, and Windows 7 SP1. This allows context-dependent attackers to ...
CVE-2012-1865
CVE-2012-1865 affects Microsoft Windows kernel- mode drivers (notably win32k.sys) across multiple OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). The root cause, as described in the CVE entry, is that user-mode input passed to kernel mode for driver ob...
CVE-2013-1255
The CVE-2013-1255 entry describes a race condition in the win32k.sys kernel-mode driver that allows local privilege elevation and reading of arbitrary kernel memory. Affected are: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 Gold/SP...
CVE-2013-3173
CVE-2013-3173 corresponds to the Win32k.sys kernel-mode driver buffer overflow vulnerability (Win32k Buffer Overwrite Vulnerability) that allows local privilege escalation on affected Windows versions. Documents reference Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008/R2 SP1, 7 SP1, ...
CVE-2009-1126
CVE-2009-1126 corresponds to the Windows Desktop Parameter Edit Vulnerability. Affected products are Windows 2000 SP4, XP SP2/SP3, and Windows Server 2003 SP2. The kernel fails to properly validate user-mode input when editing a specific desktop parameter, enabling a local attacker to execute cod...
CVE-2010-0807
CVE-2010-0807 affects Microsoft Internet Explorer 7 and is caused by improper handling of objects in memory when accessing a deleted object, leading to HTML Rendering Memory Corruption and remote code execution. The issue allows an attacker to run arbitrary code on a vulnerable machine, typically...
CVE-2010-1896
CVE-2010-1896 corresponds to Win32k User Input Validation Vulnerability. Affected software includes Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 (Gold/SP2). The flaw is in win32k.sys where user-mode input is not properly validated before kernel-mode ...
CVE-2010-2742
The CVE affects the Netlogon RPC Service in Windows Server 2003 SP2 and Windows Server 2008 Gold/SP2/R2 when the domain controller role is enabled. A remote attacker can trigger a denial-of-service via a crafted Netlogon RPC packet, causing a NULL pointer dereference and reboot. The issue is docu...
CVE-2011-0662
CVE-2011-0662 is a Win32k.sys use-after-free vulnerability in Windows kernel-mode drivers that allows a local user to escalate privileges via a crafted application, due to incorrect driver object management. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 (Gold, SP2, R2,...
CVE-2011-0676
CVE-2011-0676 affects Windows kernel-mode drivers (notably win32k.sys) across multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 Gold/SP1). The vulnerability is a NULL pointer de-reference in the Win32k subsystem that allows local users t...
CVE-2011-1268
CVE-2011-1268 affects the SMB client in various Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The issue is a remote code execution flaw caused by improper parsing of crafted SMB responses (SMBv1 or SMBv2), allowing an attacker to execute ar...
CVE-2011-1876
CVE-2011-1876 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) that allows local privilege escalation by abusing improper driver object management. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Gold, SP2, R2...
CVE-2011-1880
CVE-2011-1880 affects Windows kernel-mode drivers, specifically Win32k.sys, across multiple OS versions (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold SP2/R2 and R2 SP1, Windows 7 Gold/SP1). The vulnerability is a NULL pointer de-reference in Win32k....
CVE-2011-3406
CVE-2011-3406 describes a buffer overflow in Microsoft Windows Active Directory, ADAM, and AD LDS that can allow a remote authenticated attacker to execute arbitrary code by sending a crafted LDAP query. Root cause: memory initialization issue in LDAP request handling. Affected products/versions ...
CVE-2012-0005
CVE-2012-0005 affects Microsoft Windows CSRSS in the Win32 subsystem (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2). The issue arises when processing Unicode characters for Chinese/Japanese/Korean locales, leading to uninitialized memory access and local privilege escalation. Exploitat...
CVE-2009-2515
CVE-2009-2515 is a Windows kernel local elevation-of-privilege vulnerability caused by an incorrect truncation of a 64-bit value to 32-bit. The issue affects multiple Windows editions listed in MS09-058 (including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, and Server 2008). An ...
CVE-2009-2519
CVE-2009-2519 describes a remote code execution vulnerability in the DHTML Editing Component ActiveX Control (triedit.dll) bundled with Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises when formatting HTML markup, allowing a crafted web page viewed in Internet Explorer to trigge...