Windows Vista Security Vulnerabilities and Issues — Page 2 of Windows Vista CVE List

Lucene search

MicrosoftWindows Vista

95 matches found

CVE•added 2011/06/16 8:55 p.m.•53 views

CVE-2011-1894

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows re...

4.3CVSS5.5AI score0.20108EPSS

CVE•added 2011/04/13 6:55 p.m.•52 views

CVE-2011-0041

Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability."

9.3CVSS7.6AI score0.7426EPSS

CVE•added 2011/04/13 8:26 p.m.•52 views

CVE-2011-1240

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/08/10 9:55 p.m.•52 views

CVE-2011-1871

Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability."

7.8CVSS6.4AI score0.74922EPSS

CVE•added 2011/10/12 2:52 a.m.•52 views

CVE-2011-2009

Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Librar...

9.3CVSS6.4AI score0.26469EPSS

CVE•added 2011/06/16 8:55 p.m.•51 views

CVE-2011-0658

Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a ...

9.3CVSS7.5AI score0.31103EPSS

CVE•added 2011/04/13 6:55 p.m.•51 views

CVE-2011-0670

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-0671

8.4CVSS6.5AI score0.01054EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-0672

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-1227

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/07/13 11:55 p.m.•51 views

CVE-2011-1875

7.2CVSS6.4AI score0.0061EPSS

CVE•added 2011/02/09 1:0 a.m.•50 views

CVE-2011-0087

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validati...

7.2CVSS6.3AI score0.00751EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1881

8.4CVSS6.4AI score0.00759EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1882

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1887

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs...

7.8CVSS6.4AI score0.00995EPSS

CVE•added 2011/08/10 9:55 p.m.•50 views

CVE-2011-1971

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability."

4.7CVSS5.9AI score0.01221EPSS

CVE•added 2011/01/07 12:0 p.m.•49 views

CVE-2010-4669

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) mess...

7.8CVSS7.2AI score0.07851EPSS

CVE•added 2011/02/10 4:0 p.m.•49 views

CVE-2011-0033

The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitra...

9.3CVSS7.6AI score0.2718EPSS

CVE•added 2011/02/09 1:0 a.m.•49 views

CVE-2011-0089

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka ...

7.2CVSS6.4AI score0.00859EPSS

CVE•added 2011/04/13 6:55 p.m.•49 views

CVE-2011-0667

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•49 views

CVE-2011-1225

7.2CVSS6.4AI score0.00827EPSS

CVE•added 2011/07/13 11:55 p.m.•49 views

CVE-2011-1283

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and w...

7.2CVSS6.5AI score0.00773EPSS

CVE•added 2011/04/13 6:55 p.m.•48 views

CVE-2011-0660

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Respon...

9.3CVSS7.5AI score0.4891EPSS

CVE•added 2011/04/13 8:26 p.m.•48 views

CVE-2011-1234

7.2CVSS6.4AI score0.00639EPSS

CVE•added 2011/04/13 8:26 p.m.•48 views

CVE-2011-1239

7.2CVSS6.4AI score0.00623EPSS

CVE•added 2011/07/13 11:55 p.m.•48 views

CVE-2011-1883

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2011/02/09 1:0 a.m.•47 views

CVE-2011-0086

7.2CVSS6.4AI score0.01164EPSS

CVE•added 2011/04/13 8:26 p.m.•47 views

CVE-2011-1235

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•47 views

CVE-2011-1241

7.2CVSS6.4AI score0.0061EPSS

CVE•added 2011/02/09 1:0 a.m.•46 views

CVE-2011-0088

7.2CVSS6.3AI score0.00584EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1226

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1228

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1236

7.8CVSS6.5AI score0.01027EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1237

7.2CVSS6.4AI score0.01624EPSS

CVE•added 2011/07/13 11:55 p.m.•46 views

CVE-2011-1878

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2011/07/13 11:55 p.m.•46 views

CVE-2011-1879

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2011/04/13 8:26 p.m.•45 views

CVE-2011-0675

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/07/13 11:55 p.m.•45 views

CVE-2011-1884

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2011/04/13 6:55 p.m.•44 views

CVE-2011-0665

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•44 views

CVE-2011-1233

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/06/16 8:55 p.m.•44 views

CVE-2011-1873

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, wh...

9.3CVSS7.6AI score0.33768EPSS

CVE•added 2011/04/13 8:26 p.m.•43 views

CVE-2011-0674

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•43 views

CVE-2011-1232

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/12/14 12:55 a.m.•43 views

CVE-2011-3401

ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.51783EPSS

CVE•added 2011/04/13 6:55 p.m.•42 views

CVE-2011-0666

7.2CVSS6.5AI score0.00623EPSS

Total number of security vulnerabilities95