Lucene search

K

32 matches found

CVE
CVE
added 2007/03/30 8:19 p.m.86 views

CVE-2007-0038

Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, whic...

9.3CVSS7.8AI score0.90084EPSS
CVE
CVE
added 2007/02/23 2:28 a.m.85 views

CVE-2007-0843

The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that d...

4.6CVSS6.1AI score0.00418EPSS
CVE
CVE
added 2007/03/30 12:19 a.m.78 views

CVE-2007-1765

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue...

9.3CVSS7.7AI score0.90084EPSS
CVE
CVE
added 2007/06/06 9:30 p.m.75 views

CVE-2007-3091

Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of ...

7.1CVSS7.2AI score0.18448EPSS
CVE
CVE
added 2007/10/09 10:17 p.m.72 views

CVE-2007-2228

rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via a...

7.8CVSS6.4AI score0.71221EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.62 views

CVE-2007-1528

The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent bridge relationships, into the network topology map by using a MAC address that differs from the MAC address provided in the Real Source field of the LLTD BASE header of a HELLO packet, aka the "Spoof...

5CVSS6.5AI score0.24205EPSS
CVE
CVE
added 2007/03/24 7:19 p.m.60 views

CVE-2007-1658

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/...

9.3CVSS6.5AI score0.76092EPSS
CVE
CVE
added 2007/02/03 1:28 a.m.58 views

CVE-2007-0675

A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

7.6CVSS6.6AI score0.39148EPSS
CVE
CVE
added 2007/12/12 12:46 a.m.54 views

CVE-2007-5351

Unspecified vulnerability in Server Message Block Version 2 (SMBv2) signing support in Microsoft Windows Vista allows remote attackers to force signature re-computation and execute arbitrary code via a crafted SMBv2 packet, aka "SMBv2 Signing Vulnerability."

10CVSS7.2AI score0.48048EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.53 views

CVE-2007-1531

Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host.

5CVSS6.3AI score0.49398EPSS
CVE
CVE
added 2007/04/10 9:19 p.m.52 views

CVE-2007-1209

Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

7.2CVSS6.2AI score0.02075EPSS
CVE
CVE
added 2007/03/30 12:19 a.m.52 views

CVE-2007-1763

The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow.

7.1CVSS6.7AI score0.36763EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.51 views

CVE-2007-1530

The LLTD Mapper in Microsoft Windows Vista does not properly gather responses to EMIT packets, which allows remote attackers to cause a denial of service (mapping failure) by omitting an ACK response, which triggers an XML syntax error.

5CVSS6.6AI score0.30084EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.51 views

CVE-2007-1535

Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo.

7.5CVSS6.6AI score0.27784EPSS
CVE
CVE
added 2007/09/27 7:17 p.m.50 views

CVE-2007-5133

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.

7.1CVSS6.9AI score0.56087EPSS
CVE
CVE
added 2007/04/04 4:19 p.m.49 views

CVE-2007-1215

Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.

7.2CVSS6.5AI score0.0278EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.47 views

CVE-2007-1527

The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the ...

5CVSS6.4AI score0.24205EPSS
CVE
CVE
added 2007/07/10 10:30 p.m.47 views

CVE-2007-3038

The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information Di...

7.8CVSS5.9AI score0.30259EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.46 views

CVE-2007-1529

The LLTD Responder in Microsoft Windows Vista does not send the Mapper a response to a DISCOVERY packet if another host has sent a spoofed response first, which allows remote attackers to spoof arbitrary hosts via a network-based race condition, aka the "Total Spoof" attack.

4.3CVSS6.6AI score0.19329EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.46 views

CVE-2007-1534

DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains available for remote connections on TCP port 5722 for 2 minutes after Windows Meeting Space is closed, which allows remote attackers to have an unknown impact by connecting to this port during the time window.

9.3CVSS6.7AI score0.38736EPSS
CVE
CVE
added 2007/08/14 10:17 p.m.46 views

CVE-2007-3033

Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and are rendered in the local ...

4.3CVSS6AI score0.42333EPSS
CVE
CVE
added 2007/06/12 7:30 p.m.44 views

CVE-2007-2229

Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permissive User Information Store ACLs Information Disc...

7.2CVSS5.5AI score0.00846EPSS
CVE
CVE
added 2007/11/07 11:46 p.m.44 views

CVE-2007-3751

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.

9.3CVSS7.6AI score0.16668EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.43 views

CVE-2007-1533

The Teredo implementation in Microsoft Windows Vista uses the same nonce for communication with different UDP ports within a solicitation session, which makes it easier for remote attackers to spoof the nonce through brute force attacks.

5CVSS6.5AI score0.24205EPSS
CVE
CVE
added 2007/04/04 4:19 p.m.42 views

CVE-2007-1212

Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file.

6.6CVSS6.3AI score0.02795EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.42 views

CVE-2007-1532

The neighbor discovery implementation in Microsoft Windows Vista allows remote attackers to conduct a redirect attack by (1) responding to queries by sending spoofed Neighbor Advertisements or (2) blindly sending Neighbor Advertisements.

6.4CVSS6.6AI score0.24205EPSS
CVE
CVE
added 2007/09/12 1:17 a.m.42 views

CVE-2007-3036

Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files."

6.9CVSS6.3AI score0.03161EPSS
CVE
CVE
added 2007/08/14 10:17 p.m.41 views

CVE-2007-3032

Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported.

6.8CVSS7.2AI score0.58353EPSS
CVE
CVE
added 2007/08/14 10:17 p.m.41 views

CVE-2007-3891

Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.

6.8CVSS7.3AI score0.5212EPSS
CVE
CVE
added 2007/12/12 12:46 a.m.40 views

CVE-2007-5350

Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Microsoft Windows Vista allows local users to gain privileges via unspecified vectors involving "legacy reply paths."

7.2CVSS6.1AI score0.00846EPSS
CVE
CVE
added 2007/08/08 11:17 p.m.39 views

CVE-2007-4247

Windows Calendar on Microsoft Windows Vista allows remote attackers to cause a denial of service (NULL dereference and persistent application crash) via a malformed ICS file.

4.3CVSS6.6AI score0.28809EPSS
CVE
CVE
added 2007/07/10 7:30 p.m.38 views

CVE-2007-3671

Unspecified vulnerability in the kernel in Microsoft Windows Vista has unspecified remote attack vectors and impact, as shown in the "0day IPO" presentation at SyScan'07.

7.8CVSS6.5AI score0.28167EPSS