663 matches found
CVE-2002-0370
CVE-2002-0370 refers to a buffer overflow/unchecked buffer in ZIP decompression in Windows ZIP handling affecting Windows 98 with Plus! Pack, XP, ME, Lotus Notes R4–R6, Verity KeyView, and StuffIt Expander before 7.0. OpenVAS and Nessus entries corroborate the MS02-054 fix. The vulnerability can ...
CVE-2011-3416
CVE-2011-3416 affects Microsoft .NET Framework's ASP.NET Forms Authentication, allowing remote authenticated users to obtain access to arbitrary user accounts via a crafted username. Affected: .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0. The issue is addressed by MS11-100; vulnerable...
CVE-2012-0002
CVE-2012-0002 is a Remote Desktop Protocol memory-processing vulnerability in affected Windows platforms (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1). The flaw permits remote code execution by sending specially crafted RDP packets tha...
CVE-2009-2524
CVE-2009-2524 refers to an Integer Overflow in LSASS during NTLM authentication in multiple Windows versions. A malformed NTLM packet can cause LSASS to crash and reboot the host, i.e., a denial-of-service condition. Affected software includes Windows XP SP2/SP3, Windows Server 2003 SP2, Windows ...
CVE-2011-0657
CVE-2011-0657 affects the DNSAPI.dll DNS client in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7 SP1). Root cause: improper processing of DNS queries by the DNS client, enabling remote attackers to run arbitrary code via (1) a crafted L...
CVE-2003-0352
CVE-2003-0352 describes a buffer overflow vulnerability in the DCOM RPC interface (RPCSS) of Windows NT 4.0 SP3-6a, Windows 2000, XP, and Server 2003. The issue is a stack/heap buffer overflow triggered by a malformed DCERPC DCOM object activation request with modified length fields, allowing rem...
CVE-2013-0810
CVE-2013-0810 affects Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2. Attackers could trigger remote code execution by delivering a crafted theme file containing a malicious screensaver. The root cause is improper handling of screensaver/theme data, al...
CVE-2003-0533
The CVE-2003-0533 issue is a stack-based buffer overflow in LSASS (LSASRV.DLL) affecting multiple Windows platforms (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003) and related products. The underlying flaw is in the DsRolerUpgradeDownlevelServer function invoked via DCERPC, which can cause an o...
CVE-2013-3175
CVE-2013-3175 is a Windows elevation-of-privilege issue in the handling of asynchronous RPC requests. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT. Root cause...
CVE-2009-2493
CVE-2009-2493: Microsoft’s ATL vulnerability enables remote code execution when a user loads a specially crafted component/control hosted on a malicious page. The issue is described in MS09-037 (ATL vulnerabilities) and is addressed by Microsoft security bulletin updates; affected products inclu...
CVE-2010-0480
CVE-2010-0480 is a remote code execution vulnerability in Microsoft MPEG Layer-3 codecs. The issue arises from multiple stack-based buffer overflows in the MPEG Layer-3 audio decoders (l3codecx.ax and related ACM codecs) when processing crafted AVI files, affecting Windows 2000 SP4, XP SP2/SP3, S...
CVE-2008-4114
The CVE-2008-4114 issue affects the Windows SMB SRV.SYS driver (WriteAndX handling) across multiple Windows platforms (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista Gold/SP1, Server 2008). The vulnerability arises from insufficient validation of the SMB WRITE_ANDX DataOffset, which can...
CVE-2013-0007
CVE-2013-0007 impacts Microsoft XML Core Services (MSXML) versions 4.0–6.0. A parsing fault in MSXML can allow remote code execution when a user visits a crafted web page (MSXML XSLT vulnerability). Affected components include MSXML DLLs; root cause is improper XML content parsing. Mitigation is ...
CVE-2006-3439
CVE-2006-3439 is a buffer overflow in the Server Service (SRVSVC) RPC interface that can be triggered by malformed parameters to SRVSVC API functions, enabling remote code execution on affected Windows versions. Public context from connected docs shows exploits and disclosures tied to MS06-040, a...
CVE-2012-1851
CVE-2012-1851 is a format string vulnerability in the Windows Print Spooler service that allows remote code execution. Affected: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 SP1. Root cause: Print Spooler mishandles crafted response...
CVE-2010-2729
CVE-2010-2729 is a remote code execution vulnerability in the Windows Print Spooler service. It stems from insufficient validation of spooler access permissions, allowing a remote attacker to create files in a system directory and execute arbitrary code by sending a crafted print request over RPC...
CVE-2011-2014
The CVE-2011-2014 entry concerns LDAPS in Active Directory, ADAM, and AD LDS where the LDAPS implementation does not check Certificate Revocation Lists (CRLs). Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2/R2 SP1, and Windows ...
CVE-2012-0159
CVE-2012-0159 is a kernel-level remote code execution vulnerability in Microsoft Windows related to TrueType font parsing. The root cause is a sign extension error in the kernel’s handling of TrueType compound glyphs within win32k.sys, which can be triggered by a crafted TTF file. Affected produc...
CVE-2012-4786
CVE-2012-4786 affects Windows kernel-mode drivers handling TrueType/OpenType font parsing. The advisory set shows remote code execution via crafted TTF/OTF files affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, and RT. Root cause...
CVE-2017-0176
CVE-2017-0176 describes a buffer overflow in the Smart Card authentication code (gpkcsp.dll) in Windows XP SP3 and Windows Server 2003 SP2, enabling a remote attacker with RDP/Terminal Services enabled and domain-joined target to execute arbitrary code. The vulnerability arises in the Smart Card ...
CVE-2012-0013
CVE-2012-0013 is a remote-code-execution vulnerability in the Windows Packager ClickOnce handling: ClickOnce file types are not included in the Windows Packager unsafe file type list, allowing an attacker to execute arbitrary code via a crafted Office document. Affected OSes include Windows XP SP2...
CVE-2012-1527
CVE-2012-1527 corresponds to Windows Shell Briefcase Integer Underflow. The vulnerability arises from an integer underflow in the Briefcase feature of Windows Shell, enabling local privilege escalation for affected Windows editions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Wind...
CVE-2012-0004
CVE-2012-0004 affects Microsoft Windows via the DirectShow/DirectX stack (Quartz.dll, Qdvd.dll, Line21 DirectShow filter) and related components. The vulnerability allows remote attackers to execute arbitrary code by delivering a crafted media file, due to improper handling within DirectShow filt...
CVE-2002-1561
The CVE-2002-1561 issue affects the Windows RPC service stack (RPC Endpoint Mapper) on Windows 2000, NT 4.0, and XP. A malformed packet to TCP 135 can trigger a NULL pointer dereference in the RPC Endpoint Mapper, causing the RPC service to terminate and resulting in a denial of service for RPC-b...
CVE-2009-0086
CVE-2009-0086 describes an integer underflow in Windows HTTP Services (WinHTTP) that allows remote code execution when a remote server sends crafted values in a response. The vulnerability affects multiple Windows versions, including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista (Gold/...
CVE-2009-2500
This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...
CVE-2009-2528
CVE-2009-2528 is a memory corruption vulnerability in GDI+ used by Microsoft Office XP/2000 when parsing Office Art Property Tables. A crafted Office document can trigger remote code execution. Microsoft Security Bulletin MS09-062 (KB957488) provides patches; apply the MS09-062 updates to remedia...
CVE-2011-2003
CVE-2011-2003: A buffer overflow in win32k.sys used by kernel-mode drivers across multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 RTM/SP1) can be triggered by a crafted .fon file. The vulnerability arises from an input validation error when the ke...
CVE-2012-1852
The CVE-2012-1852 entry describes a heap-based buffer overflow in the Remote Administration Protocol (RAP) handling within the LanmanWorkstation service on Windows XP SP2/SP3. The flaw allows remote code execution when an attacker sends crafted RAP response packets, enabling arbitrary code execut...
CVE-2013-0077
The CVE-2013-0077 issue concerns Quartz.dll in DirectShow on Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2). A remote attacker can trigger arbitrary code execution by processing crafted media content (media file, media stream, or an Office document). The vulnerability...
CVE-2012-0217
CVE-2012-0217 affects the x86-64 kernel sysret path across multiple platforms (Xen 4.1.2 and earlier, XenServer 6.0.2 and earlier, Solaris 11 and earlier, illumos before r13724, FreeBSD before 9.0-RELEASE-p3, NetBSD 6.0 Beta and earlier, Windows Server 2008 R2/R2 SP1/Windows 7 SP1, and others). T...
CVE-2010-0268
CVE-2010-0268 describes a remote code execution vulnerability in the Windows Media Player ActiveX control (Windows Media Player 9 Series) on Windows 2000 SP4 and Windows XP SP2/SP3. The issue arises because the ActiveX control incorrectly handles specially crafted media content hosted on a malici...
CVE-2010-0028
CVE-2010-0028 is a remote code execution vulnerability in Microsoft Paint caused by an integer/heap overflow while decoding JPEG images. Affected software includes Windows 2000 SP4, Windows XP SP2/SP3, and Windows Server 2003 SP2 (Paint decode path). Microsoft released MS10-005 to address the fla...
CVE-2010-0231
CVE-2010-0231 involves the SMB server’s NTLM authentication on Windows 2000/XP/2003/Vista/Server 2008/7 where insufficient entropy in server-generated challenges (duplicate NTLM nonces) allows remote attackers to access files and SMB resources after many authentication requests. Root cause: weak ...
CVE-2012-1853
CVE-2012-1853 is a stack-based buffer overflow in the Remote Administration Protocol (RAP) handling of the LanmanWorkstation service on Microsoft Windows XP SP3. The vulnerability arises from the RAP response processing in the LAN Manager/Remote Administration Protocol stack, allowing a remote at...
CVE-2012-2526
The CVE-2012-2526 issue affects Microsoft Windows XP SP3 (RDP) where the RDP implementation mishandles in-memory objects, allowing remote code execution via specially crafted RDP packets that trigger access to a deleted object. Connected sources confirm this is a remote code execution vulnerabili...
CVE-2004-0200
CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...
CVE-2012-0175
CVE-2012-0175 corresponds to a Windows Shell remote code execution vulnerability caused by how Windows handles specially crafted file or directory names. The issue affects multiple Windows editions, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/...
CVE-2013-1313
CVE-2013-1313 corresponds to an OLE Automation use-after-parse in Windows XP SP3 where memory misallocation enables remote code execution via a crafted RTF document. Connected advisories note this as a code-execution vulnerability in Windows Common Controls (OLE) with remote impact. Mitigation pe...
CVE-2011-3414
CVE-2011-3414 concerns a denial-of-service in the Microsoft .NET Framework ASP.NET HashTable mapping. The vulnerability arises from the CaseInsensitiveHashProvider.getHashCode function used by the HashTable implementation across .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, which can ...
CVE-2013-5056
The CVE-2013-5056 issue is a use-after-free vulnerability in the Microsoft Scripting Runtime Object Library (scrrun.dll) that allows remote code execution when a user visits a crafted website via Internet Explorer. Affected products span multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vis...
CVE-2012-4774
CVE-2012-4774 is a Windows File Handling Component vulnerability. A crafted file or subfolder name can trigger use of unallocated memory as the destination of a copy operation, enabling remote code execution on affected Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windo...
CVE-2010-0020
CVE-2010-0020 concerns a flaw in the SMB server implementation of Windows: the Server service fails to validate request fields, enabling a remote authenticated user to execute arbitrary code via a malformed SMB request. Affected platforms include Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vis...
CVE-2013-3181
CVE-2013-3181 affects the Unicode Script Processor (USP10.DLL) used by Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability enables remote code execution via crafted OpenType fonts, described as the Uniscribe Font Parsing Engine Memory Corruption. Microsoft issued MS13-060 with patch...
CVE-2009-3126
CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...
CVE-2012-0009
CVE-2012-0009 affects Windows Object Packager handling in Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability stems from how Object Packager registers/implements packages stored on network shares, WebDAV, and UNC paths, allowing local privilege escalation via a Trojan horse executab...
CVE-2008-4834
CVE-2008-4834 corresponds to a buffer overflow in the Server service of Microsoft Windows SMB handling. Affected products include Windows 2000 SP4, XP SP2/SP3, and Windows Server 2003 SP1/SP2. The root cause is improper validation of SMB NT Trans request data, allowing remote attackers to craft m...
CVE-2009-1926
CVE-2009-1926 describes a TCP/IP processing vulnerability in Microsoft Windows that can cause a denial of service by flooding a host with specially crafted TCP packets featuring a small or zero receive window. The issue occurs when connections remain in FIN-WAIT-1 or FIN-WAIT-2 and the sender doe...
CVE-2006-7210
The CVE-2006-7210 entry relates to Microsoft Windows 2000, XP, and Server 2003 where remote attackers can trigger a DoS (CPU consumption) by viewing a crafted PNG image that abuses the IHDR block (specifics: crafted Width and Height values). The vulnerability affects the PNG image handling path i...
CVE-2009-1930
The CVE-2009-1930 entry describes a Telnet Credential Reflection vulnerability in Windows Telnet service. A remote attacker could trigger arbitrary code execution by replaying NTLM credentials from a client to the Telnet server. Affected products include Windows 2000 (SP4), XP (SP2/SP3), Server 2...