663 matches found
CVE-2006-0021
The CVE-2006-0021 issue affects Microsoft Windows TCP/IP implementation on Windows XP SP1/SP2 and Windows Server 2003 up to SP1, where a specially crafted IGMPv3 packet can trigger a denial‑of‑service (system hang). Root cause: failure to properly validate IGMP packets in the TCP/IP stack, allowi...
CVE-2011-0667
CVE-2011-0667 is a local privilege-escalation in the Windows kernel (win32k.sys) caused by a use-after-free in driver object management. A crafted application can abuse this to gain kernel privileges on affected systems, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2...
CVE-2011-1225
The CVE-2011-1225 issue affects the Windows kernel32k subsystem: specifically, win32k.sys in kernel-mode drivers allows local privilege escalation via a NULL pointer de-reference. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP1–SP2), Windows Server 20...
CVE-2011-1236
CVE-2011-1236 is a use-after-free vulnerability in win32k.sys (kernel-mode driver) affecting multiple Windows OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). The issue arises from incorrect driver object management in the Win32k subsys...
CVE-2011-1869
The CVE-2011-1869 issue affects the Distributed File System (DFS) implementation on multiple Windows platforms (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). A crafted DFS referral response can be sent by a remote ...
CVE-2011-1878
CVE-2011-1878 is a use-after-free vulnerability in win32k.sys, the kernel-mode driver component of Windows. A crafted local access application can trigger improper driver object management, enabling a local user to escalate privileges. Affected products include Windows XP SP2/SP3, Windows Server ...
CVE-2013-1250
CVE-2013-1250 is a race-condition-based local privilege-escalation flaw in the Windows kernel-mode driver win32k.sys. Affected software (per PT-2013-3009) includes Windows XP SP2–SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2–R2 SP1, and Windows 7 Gold–SP1. The vulnerabi...
CVE-2013-3196
The CVE-2013-3198 entry concerns the NTVDM kernel component in 32‑bit Windows platforms (XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Windows 8). The vulnerability arises from improper validation of kernel‑memory addresses in NTVDM, enabling local users to gain privileges o...
CVE-2002-0283
CVE-2002-0283 affects Windows XP where an attacker can induce CPU consumption (DoS) by sending a flood of TCP SYN packets with possibly malformed data to port 445 (SMB). This is a network-vector, low-complexity attack requiring no authentication, with the impact described as partial availability....
CVE-2003-0112
CVE-2003-0112 corresponds to a local privilege‑escalation in the Windows kernel. Technical details from connected docs show a buffer/stack overflow in ntoskrnl.exe related to debugging message handling (LpcRequestWaitReplyPort), enabling a local attacker to execute code with kernel privileges. Af...
CVE-2005-0057
Microsoft’s MS05-015 fixes a remote code execution flaw in the Hyperlink Object Library (Hlink.dll) affecting Windows 98, 2000, XP, and Server 2003. The vulnerability arises from an unchecked buffer when handling hyperlinks, potentially allowing arbitrary code execution if a user clicks a crafted...
CVE-2005-0688
CVE-2005-0688 is described as a Land-like DoS affecting Windows XP SP2, Windows Server 2003 SP1, and Longhorn when the Windows Firewall is off. The vulnerability arises from processing of a TCP packet with the SYN flag set where the source and destination IP and port are identical, causing CPU co...
CVE-2005-2123
CVE-2005-2123 affects the Windows GDI32.DLL Graphics Rendering Engine, with heap-based buffer overflows triggered by crafted WMF/EMF image data. Affected systems include Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. Root cause is overflow/unchecked size handling in image rendering, enabling ...
CVE-2005-2124
The CVE-2005-2124 entry concerns a vulnerability in the Windows Graphics Rendering Engine (GDI32.DLL) affecting Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. The flaw stems from an unchecked buffer in WMF handling, enabling remote code execution via a crafted Windows Metafile image. Exploita...
CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1/SP2, and Windows Server 2003 SP1 is affected. A vulnerability in the rendering path (DIV containing a malformed IMG tag) combined with a malformed CSS/HTML file can trigger a null dereference, causing a remot...
CVE-2006-3440
CVE-2006-3440 is a remote code execution vulnerability in the Winsock API (buffer overflow) affecting Windows 2000 SP4, XP SP1/SP2, XP Pro x64, Windows Server 2003 and Itanium/x64 variants. Exploitation requires convincing a user to open a specially crafted file or visit a crafted website, enabli...
CVE-2006-4071
CVE-2006-4071 affects Microsoft Windows XP and Windows Server 2003 (gdi32.dll). Vulnerable component: createBrushIndirect in GDI; root cause: sign extension issue that allows a crafted WMF file to crash the application (user-assisted DoS). Impact: denial of service via crash. Exploitation details...
CVE-2007-4675
CVE-2007-4675 summary (Apple QuickTime): A heap-based buffer overflow in the QuickTime VR extension (QTVR) 7.2.0.240, embedded in QuickTime.qts, allows remote code execution when a user opens a specially crafted QTVR movie file. The vulnerability is caused by an unvalidated size field in the pano...
CVE-2008-1456
CVE-2008-1456 describes a remote code execution vulnerability in the Windows Event System caused by improper validation when indexing an array of function pointers. Affected products include Windows 2000 SP4, XP (SP2/SP3), Server 2003 (SP1/SP2), Vista (initial and SP1), and Server 2008. The issue...
CVE-2009-0083
CVE-2009-0083 is a Windows kernel local privilege escalation vulnerability (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1) caused by improper handling of specially crafted invalid pointers. A local attacker could gain kernel privileges via an application that triggers use of an invalid pointer. M...
CVE-2009-1125
CVE-2009-1125 corresponds to the Windows Driver Class Registration Vulnerability. The Microsoft Windows kernel does not properly validate an argument passed to a Windows kernel system call, enabling local privilege escalation if a crafted user-mode application is run. Affected products include Wi...
CVE-2009-1546
CVE-2009-1546 is an AVI parsing vulnerability in Windows where an integer overflow in Avifil32.dll used by the AVI/RIFF handling code can allow remote code execution when a user opens a specially crafted AVI file. The issue affects multiple Windows editions (2000 SP4, XP SP2/SP3, Server 2003 SP2,...
CVE-2010-2563
CVE-2010-2563 affects WordPad Word 97 Text Converter memory handling in WordPad Text Converters on Windows XP SP2/SP3 and Windows Server 2003 SP2. A vulnerability arises from parsing malformed fields in Word 97 documents, causing memory corruption that could allow remote code execution when a use...
CVE-2010-3959
CVE-2010-3959 affects the Microsoft OpenType Font (OTF) driver. A crafted CMAP table in an OpenType font can cause local privilege escalation on Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2, and Windows 7. Root cause: incorrect handling/parsi...
CVE-2010-4669
The CVE-2010-4669 entry concerns the IPv6 Neighbor Discovery (ND) router advertisement flood vulnerability. Affected products include the IPv6 stack in Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7. The issue arises when an attacker sends many Router Advertise...
CVE-2011-0086
CVE-2011-0086 pertains to win32k.sys in affected Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7) where user-mode input is not properly validated by kernel-mode drivers. This enables local privilege escalation via a crafted application. Acknowledge...
CVE-2011-0670
CVE-2011-0670 describes a use-after-free vulnerability in win32k.sys within Windows kernel-mode drivers that enables local privilege escalation. Affected are Windows XP (SP2/SP3), Windows Server 2003 (SP2), Windows Vista (SP1/SP2), Windows Server 2008 (Gold, SP2, R2, R2 SP1), and Windows 7 (Gold,...
CVE-2011-0672
CVE-2011-0672 is a use-after-free vulnerability in the Windows kernel Win32k.sys (kernel-mode drivers). Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2/R2 SP1, and Windows 7 Gold/SP1. The issue stems from incorrect driv...
CVE-2012-1868
CVE-2012-1868 is a local privilege-escalation vulnerability in Windows, caused by a race condition in the thread-creation path of win32k.sys (kernel-mode drivers). Exploitation would allow a local attacker to gain SYSTEM-level privileges via a crafted application on affected Windows XP SP3 system...
CVE-2013-1251
CVE-2013-1251 describes a race condition in the Windows kernel-mode driver win32k.sys that enables local privilege escalation and potential reading of arbitrary kernel memory. Affected products and versions include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 200...
CVE-2013-1291
CVE-2013-1291 refers to a local-denial-of-service vulnerability in Windows OpenType font parsing via win32k.sys. Exploitation requires local access and a crafted OpenType font can crash/restart the system. Affected OS versions include Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, W...
CVE-2013-1343
Technical details for CVE-2013-1343 are not publicly available in the provided documents; affected components, impact, and remediation are not specified here. Monitor for updates from NVD and EUVD sources.
CVE-2013-3167
Win32k.sys in the Windows kernel-mode drivers exposes a local privilege-escalation vulnerability (CVE-2013-3167) by improperly handling in-memory objects. A crafted user-mode/application can exploit this to gain kernel-level privileges. Affected products include Windows XP (SP2/SP3), Windows Serv...
CVE-2002-1214
CVE-2002-1214 describes a buffer overflow in Microsoft PPTP Service affecting Windows XP and Windows 2000 (and Terminal Services) that can be triggered by a PPTP control data packet with malformed data. The vulnerability can lead to a denial of service and, in some cases, may allow the attacker t...
CVE-2002-1256
CVE-2002-1256 describes a flaw in SMB signing in Windows 2000/XP that lets an attacker disable SMB signing in a session and inject unsigned data, potentially modifying group policy information sent from a domain controller. Affected products are Microsoft Windows 2000 and Windows XP; the root cau...
CVE-2004-0979
Internet Explorer on Windows XP fails to honor the security setting for “Drag and drop or copy and paste files” when the user selects Disable or Prompt. This weakness can allow drag-and-drop operations to occur contrary to user intent, potentially enabling security-sensitive actions (e.g., copyin...
CVE-2004-1043
CVE-2004-1043 describes a cross-domain vulnerability in the HTML Help ActiveX control (hhctrl.ocx) used by Internet Explorer. If one hhctrl.ocx instance opens a Related Topics window in one domain and another opens content in a different domain with the same window name, the content can run in th...
CVE-2006-0020
CVE-2006-0020 describes a WMF parsing memory corruption affecting Internet Explorer on Windows platforms (e.g., IE 5.01 SP4 on 2000 SP4; 5.5 SP2 on Millennium) where a crafted WMF file with manipulated header size (potential integer overflow) can crash the process and may allow code execution. Th...
CVE-2006-0376
CVE-2006-0376 affects the 802.11 wireless client in certain Windows family systems (Windows 2000, XP, Server 2003). The vulnerability arises because the client does not warn users when it associates with an ad hoc (peer-to-peer) station, or when a station in ad hoc mode associates with it. This o...
CVE-2006-3873
CVE-2006-3873 describes a heap-based buffer overflow in URLMON.DLL of Microsoft Internet Explorer 6 SP1 on Windows 2000/XP SP1, exploitable via a long URL in a GZIP-compressed HTTP-redirected web page. The issue is tied to an incomplete fix for CVE-2006-3869 and is mitigated by applying the MS06-...
CVE-2006-4702
CVE-2006-4702 is a remote code execution vulnerability in the Windows Media Format Runtime used by Windows Media Player 6.4 and Windows XP SP2, Server 2003 and SP1. The root cause is an unchecked buffer overrun while processing ASF files, allowing a crafted ASF file to execute arbitrary code with...
CVE-2008-3464
CVE-2008-3464 (AFD Kernel Overwrite Vulnerability) is an elevation-of-privilege bug in the Microsoft AFD driver (afd.sys). It arises from improper validation of input passed from user mode to the Windows kernel, allowing a local attacker to execute arbitrary code with kernel privileges. Affected ...
CVE-2009-1545
CVE-2009-1545 is an AVI header parsing vulnerability in Windows affecting Avifil32.dll used by AVI header processing. A remote code execution could occur if a user opens a specially crafted AVI file, with affected OS versions listed as Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista (Gold/SP...
CVE-2009-3673
Microsoft Internet Explorer 7/8 are affected by CVE-2009-3673 (Uninitialized Memory Corruption). A remote code execution vulnerability exists due to improper handling of memory for objects that are uninitialized or deleted, exploitable via a specially crafted web page and potentially via heap spr...
CVE-2009-4210
CVE-2009-4210 describes memory corruption in the Microsoft Windows Indeo codec exposed by crafted media content, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The OpenVAS entries corroborate multiple vulnerabilities in the Indeo codec and list CVE-2009-4210 among the affected vulne...
CVE-2010-1098
The CVE-2010-1098 entry describes a denial-of-service flaw in the ANI parser found in Microsoft Windows prior to 7 on x86, used by Internet Explorer and other apps. A crafted biClrUsed value in the BITMAPINFO header of a .ANI file can cause memory and CPU exhaustion, leading to a DoS condition. A...
CVE-2010-1891
CVE-2010-1891 affects the Windows Client/Server Runtime Subsystem (CSRSS) in the Win32 subsystem on Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability stems from improper memory allocation for transactions when Chinese, Japanese, or Korean locales are enabled, allowing local users ...
CVE-2010-2567
CVE-2010-2567 is an RPC memory corruption vulnerability in the Windows XP SP2/SP3 and Windows Server 2003 SP2 RPC client. The root cause is improper memory allocation while parsing RPC responses, which allows a remote server or a man-in-the-middle attacker to execute arbitrary code via a malforme...
CVE-2011-0033
The CVE-2011-0033 entry concerns a vulnerability in the OpenType Compact Font Format (CFF) driver in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, and Windows 7). The issue stems from improper validation of parameter values when parsing OpenType fonts...
CVE-2011-0089
CVE-2011-0089 affects Windows kernel-mode driver win32k.sys across multiple OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The issue is improper validation of user-mode data by the Win32k subsystem, enabling local users to gain privileges via a c...