Lucene search
K

663 matches found

CVE
CVE
added 2009/10/14 10:0 a.m.103 views

CVE-2009-2503

CVE-2009-2503 is a GDI+ memory corruption vulnerability in Microsoft components that can be triggered by a crafted TIFF image file, enabling remote code execution. The weakness resides in how GDI+ allocates memory when processing TIFFs, affecting a wide range of Windows and Office products listed...

9.3CVSS9.6AI score0.22205EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.102 views

CVE-2004-0117

The CVE-2004-0117 entry maps to a buffer-overflow in the Microsoft H.323 implementation that enables remote code execution. The connected MS04-0117 data clarifies that NetMeeting (and other H.323‑using components such as TAPI‑based H.323 apps, ICF, Routing and Remote Access) can be affected on Wi...

7.5CVSS7.8AI score0.26377EPSS
CVE
CVE
added 2008/07/08 11:0 p.m.102 views

CVE-2008-1454

Technical details about CVE-2008-1454 (affected product, vulnerable component, impact, patch) are not publicly provided in the connected documents. Monitor for updates.

9.4CVSS6.2AI score0.34072EPSS
CVE
CVE
added 2013/07/10 1:0 a.m.102 views

CVE-2013-3129

CVE-2013-3129 concerns a TrueType Font (TTF) parsing vulnerability that allows remote code execution. Affected products include Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5; Silverlight 5 prior to 5.1.20513.0; and GDI+, DirectWrite, Journal in various Windows versions (XP through Windows ...

9.3CVSS7.3AI score0.32378EPSS
CVE
CVE
added 2005/11/16 9:17 p.m.101 views

CVE-2002-2185

The CVE-2002-2185 issue concerns a flaw in IGMP processing in the Linux kernel that could let a local attacker cause a denial of service by sending an IGMP membership report addressed to a target’s Ethernet address rather than the multicast group address. Public advisories (e.g., RHSA-2006:0101 a...

4.9CVSS4.5AI score0.02493EPSS
CVE
CVE
added 2007/03/30 12:0 a.m.101 views

CVE-2007-1765

CVE-2007-1765 refers to a remote code execution/DoS vulnerability in Microsoft Windows (Windows 2000 SP4 through Vista) via a malformed ANI file that corrupts memory while processing cursors/animated cursors/icons in LoadAniIcon() of USER32.dll. Connected sources identify this as MS07-017 (RIFF/A...

9.3CVSS7.7AI score0.54326EPSS
CVE
CVE
added 2014/03/12 1:0 a.m.101 views

CVE-2014-0317

CVE-2014-0317 is the SAMR Security Feature Bypass vulnerability in Microsoft Windows, affecting Windows XP SP2-SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows Server 2012 (Gold/R2). The issue stems from the Security Account Manager Remote (SAMR) protoc...

5.4CVSS6.5AI score0.10249EPSS
CVE
CVE
added 2010/04/14 3:44 p.m.100 views

CVE-2010-0269

CVE-2010-0269 is a remote code execution vulnerability in the Microsoft SMB client. The issue arises from improper memory allocation when parsing specially crafted SMB responses, enabling an unauthenticated attacker to execute arbitrary code on a vulnerable system by sending a crafted SMB respons...

10CVSS7.5AI score0.28401EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.100 views

CVE-2010-2566

The CVE-2010-2566 issue is a remote code execution vulnerability in Microsoft Windows SChannel (TLS/SSL) where the SChannel security package fails to properly validate certificate request messages from TLS/SSL servers. This affects Windows XP SP2/SP3 and Windows Server 2003 SP2. An attacker could...

9.3CVSS8.1AI score0.15355EPSS
CVE
CVE
added 2010/06/14 6:0 p.m.99 views

CVE-2010-1885

The CVE-2010-1885 entry concerns the Windows Help and Support Center (HelpCtr) in Windows XP and Windows Server 2003. The vulnerability stems from the MPC::HexToNum function in helpctr.exe failing to properly handle malformed escape sequences, allowing a crafted hcp:// URL to bypass the trusted d...

9.3CVSS7.2AI score0.75458EPSS
Web
CVE
CVE
added 2011/12/14 12:0 a.m.99 views

CVE-2011-3400

CVE-2011-3400 is a Windows OLE handling vulnerability affecting XP SP2/SP3 and Windows Server 2003 SP2. The issue stems from improper in-memory handling of OLE objects, allowing remote code execution when a crafted file containing an OLE object is opened. Public references and exploits/documentat...

9.3CVSS7.4AI score0.71722EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.97 views

CVE-2001-0876

CVE-2001-0876 describes a buffer overflow in the UPnP NOTIFY handling on Windows XP, ME, 98/98SE, exploitable via a long Location URL in NOTIFY directives. OpenVAS and CERT/CC advisories corroborate a remote-code-execution risk with SYSTEM privileges on XP (and similar impacts on ME/98/98SE); a s...

7.5CVSS7.7AI score0.49483EPSS
CVE
CVE
added 2002/08/24 4:0 a.m.97 views

CVE-2002-0724

CVE-2002-0724 (MS02-045) describes a remote DoS in Windows SMB where handling SMB_COM_TRANSACTION with NetShareEnum/NetServerEnum2/NetServerEnum3 can overflow the heap when Max Param/Data Count is 0. A crafted packet may crash the host (Blue Screen) and, per CERT/Core advisories, might enable fur...

7.5CVSS6.5AI score0.30132EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.97 views

CVE-2004-1049

CVE-2004-1049 affects Microsoft Windows LoadImage API (cursor/icon handling). The vulnerability arises from an integer overflow when processing certain image resources (e.g., .ani, .ico, .cur, .bmp), which can lead to heap memory corruption and remote code execution if a user opens a crafted file...

5.1CVSS7.7AI score0.29743EPSS
Web
CVE
CVE
added 2006/07/11 9:0 p.m.97 views

CVE-2006-1314

CVE-2006-1314 is a heap-based buffer overflow in the Windows Server Service (SRV.SYS) that affects Windows 2000 SP4, XP SP1/SP2, and Server 2003 (up to SP1). The vulnerability allows remote code execution via crafted first-class Mailslot messages, triggering memory corruption and bypassing size r...

7.5CVSS7.8AI score0.64231EPSS
CVE
CVE
added 2004/10/16 4:0 a.m.96 views

CVE-2004-0840

CVE-2004-0840 describes a remote code execution vulnerability in the SMTP component of Microsoft Windows XP 64‑Bit Edition, Windows Server 2003 (and 64‑Bit) and the Exchange Routing Engine of Exchange Server 2003. The issue is a buffer/length handling flaw triggered by malicious DNS responses dur...

10CVSS7.4AI score0.30291EPSS
CVE
CVE
added 2009/09/08 10:0 p.m.96 views

CVE-2009-2498

The CVE-2009-2498 entry corresponds to a code-execution vulnerability in Microsoft Windows Media Format Runtime (versions 9.0, 9.5, 11) and Windows Media Services 9.1/2008, triggered by parsing malformed ASF/WMV/WMA headers. Connected advisories (e.g., CPAI-2014-1114; OpenVAS 901012) corroborate ...

9.3CVSS7.4AI score0.2121EPSS
CVE
CVE
added 2005/12/28 7:0 p.m.95 views

CVE-2005-4560

CVE-2005-4560 is a Windows GDI/WMF parsing vulnerability in GDI32.DLL that allows remote code execution via a crafted WMF image using the SETABORTPROC GDI Escape function, with SHIMGVW.DLL involved. The issue is tied to WMF/EMF processing in Windows, and public details describe arbitrary code exe...

7.5CVSS7.1AI score0.86476EPSS
CVE
CVE
added 2010/02/04 8:0 p.m.95 views

CVE-2010-0555

CVE-2010-0555 affects Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8. The root cause is URLMON sniffing that allows rendering of non-HTML local files as HTML documents after a redirect, bypassing access restrictions and enabling read of arbitrary files. The description identifies this a...

9.3CVSS6.2AI score0.20949EPSS
CVE
CVE
added 2011/07/13 10:0 p.m.95 views

CVE-2011-1281

CVE-2011-1281 affects the Client/Server Run-time Subsystem (CSRSS) in the Win32 subsystem across multiple Windows versions: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2 and Windows 7 Gold/SP1. The issue stems from AllocConsole() handling when...

7.2CVSS6.5AI score0.02116EPSS
CVE
CVE
added 2011/09/15 10:0 a.m.95 views

CVE-2011-1991

CVE-2011-1991 describes multiple untrusted search path vulnerabilities in Windows components that allow local privilege elevation via Trojan horse DLLs loaded from the current working directory. Affected products include Windows XP SP2/ SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Ser...

9.3CVSS6.6AI score0.12123EPSS
CVE
CVE
added 2012/12/12 12:0 a.m.95 views

CVE-2012-2556

CVE-2012-2556 : OpenType Font (OTF) parsing vulnerability in Windows kernel‑mode drivers allows remote code execution via a crafted font file. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, Windows RT. Root cause: improper hand...

9.3CVSS7.5AI score0.20766EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.94 views

CVE-2009-2514

CVE-2009-2514 is a Win32k.sys remote code execution vulnerability in the embedded OpenType (EOT) font parsing path. The kernel component on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2 parses EOT fonts and can be coerced by a crafted font to execute arbitrary code with kernel privileges. The...

9.3CVSS7.1AI score0.47489EPSS
CVE
CVE
added 2004/10/16 4:0 a.m.93 views

CVE-2004-0209

CVE-2004-0209 describes a buffer overflow in the Windows Graphics Rendering Engine during parsing of Windows Metafile (WMF) and Enhanced Metafile (EMF) formats, allowing remote code execution with the privileges of the logged-in user on affected Windows versions (Windows 2000, XP, and Server 2003...

10CVSS7.2AI score0.62054EPSS
Web
CVE
CVE
added 2009/09/08 10:0 p.m.93 views

CVE-2009-2499

The CVE-2009-2499 issue affects Microsoft Windows components: Windows Media Format Runtime versions 9.0, 9.5, and 11, and Windows Media Foundation on Windows Vista (Gold, SP1, SP2) and Server 2008. The vulnerability arises when processing MP3 files with crafted metadata, triggering memory corrupt...

8.5CVSS7.5AI score0.15546EPSS
CVE
CVE
added 2009/12/09 6:0 p.m.93 views

CVE-2009-3677

CVE-2009-3677 describes an elevation-of-privilege bypass in the Internet Authentication Service (IAS) used by Microsoft Windows products. The issue arises because MS-CHAP v2 authentication requests sent over PEAP are not properly validated, allowing remote attackers to gain access to network reso...

10CVSS6.5AI score0.2182EPSS
CVE
CVE
added 2010/09/07 5:0 p.m.93 views

CVE-2010-2739

The CVE-2010-2739 issue is a buffer overflow in the Windows win32k.sys CreateDIBPalette() function. A crafted bitmap with a very large color palette, used via GetClipboardData, can crash the system and may allow arbitrary code execution locally on affected Windows versions: XP SP3, Server 2003 R2...

7.2CVSS7.6AI score0.03745EPSS
CVE
CVE
added 2013/02/13 11:0 a.m.93 views

CVE-2013-1278

CVE-2013-1278 describes a kernel race condition in Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT. The vulnerability allows local privilege elevation via crafted objects in memory, as part o...

7.4CVSS6.2AI score0.00942EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.92 views

CVE-2003-0906

CVE-2003-0906 is a buffer overrun in Windows WMF/EMF rendering that allows remote code execution via a malformed WMF/EMF image on Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1. Exploitation occurs when rendering or displaying the crafted metafile/image; Windows 2000/XP/NT systems ...

7.6CVSS7.9AI score0.25123EPSS
CVE
CVE
added 2007/04/10 9:0 p.m.92 views

CVE-2007-1204

The CVE-2007-1204 issue affects Microsoft Windows XP SP2 with the UPnP service. It is a stack-based buffer overflow triggered by specially crafted HTTP headers in UPnP requests/notifications, allowing a remote attacker on the same subnet to execute arbitrary code in the context of the vulnerable ...

6.8CVSS7.9AI score0.08838EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.92 views

CVE-2008-4038

CVE-2008-4038 describes a remote code execution vulnerability in Microsoft Windows SMB file-name handling (SMB buffer underflow). The issue affects multiple Windows versions (including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista SP1, and Server 2008) and arises when a specially craft...

10CVSS7.3AI score0.3917EPSS
CVE
CVE
added 2009/01/28 6:0 p.m.92 views

CVE-2009-0320

Microsoft Windows taskmgr.exe Information Disclosure Vulnerability (CVE-2009-0320) affects Windows XP, Server 2003/2008, and Vista. The issue exposes I/O activity measurements for all processes, enabling local users to infer sensitive information by reading the I/O Other Bytes column in Task Mana...

4CVSS6.4AI score0.01446EPSS
CVE
CVE
added 2013/05/24 8:0 p.m.92 views

CVE-2013-3661

CVE-2013-3661 affects Windows with the EPATHOBJ::bFlatten function in win32k.sys across Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Server 2012, and Windows RT. The root cause is improper checking of linked-list traversal in PATHRECORD chains,...

4.9CVSS6.2AI score0.03852EPSS
CVE
CVE
added 2006/12/22 2:0 a.m.91 views

CVE-2006-6696

CVE-2006-6696 is a CSRSS vulnerability in Windows where improper handling of a MessageBox call with MB_SERVICE_NOTIFICATION can send a crafted HardError to CSRSS, enabling remote code execution. Public details indicate the issue affects multiple Windows versions (Windows 2000, XP, Server 2003, Vi...

6.9CVSS6.2AI score0.03284EPSS
CVE
CVE
added 2007/06/06 9:0 p.m.91 views

CVE-2007-3091

CVE-2007-3091 is the Internet Explorer cross-domain document switching race-condition vulnerability. The issue occurs in Internet Explorer (notably IE6 SP1 and IE7 on multiple Windows versions) where a page transition can inadvertently reveal or execute content across origins due to a race betwee...

7.1CVSS7.2AI score0.27748EPSS
CVE
CVE
added 2010/08/16 6:25 p.m.91 views

CVE-2010-1886

CVE-2010-1886 represents a local privilege-escalation issue in Windows where an attacker with access to a process running under the NetworkService account can gain LocalSystem privileges via the Windows Service Isolation mechanism. Documented vectors involve the TAPI Server and other services suc...

6.8CVSS7.5AI score0.01407EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.91 views

CVE-2010-1895

CVE-2010-1895 affects Windows kernel-mode driver win32k.sys on Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is improper memory allocation when copying data from user mode to kernel mode, enabling local privilege escalation via a crafted application. Microsoft released patch MS10...

7.2CVSS6.2AI score0.01591EPSS
CVE
CVE
added 2011/08/10 9:16 p.m.91 views

CVE-2011-1974

Affected software and root cause: The vulnerability CVE-2011-1974 affects the NDISTAPI.sys driver in the Remote Access Service (RAS) on Microsoft Windows XP SP2/SP3 and Windows Server 2003 SP2. It arises from improper validation of user-mode input by the NDISTAPI driver, which can be exploited to...

7.2CVSS6.4AI score0.06983EPSS
Web
CVE
CVE
added 2013/07/10 1:0 a.m.91 views

CVE-2013-1345

CVE-2013-1345 affects the Windows kernel-mode driver component Win32k.sys across multiple Windows/Server editions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7, 8, Server 2012, Windows RT). The vulnerability arises from improper handling of objects in memory within Win32k...

7.2CVSS6.3AI score0.01743EPSS
CVE
CVE
added 2003/10/17 4:0 a.m.90 views

CVE-2003-0717

CVE-2003-0717 describes a buffer overflow in the Windows Messenger Service (NT through Server 2003). The root cause is improper validation of message length before writing to the allocated buffer, enabling remote code execution with the target’s privileges. Public sources (MS03-043) identify affe...

7.5CVSS7.9AI score0.63464EPSS
CVE
CVE
added 2004/07/14 4:0 a.m.90 views

CVE-2004-0212

CVE-2004-0212 describes a stack-based buffer overflow in the Windows Task Scheduler (mstask) that affects Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0. The vulnerability occurs in how Task Scheduler handles long parameters in .job files, allowing a remote or local attacker to ex...

10CVSS7.7AI score0.66952EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.90 views

CVE-2004-0571

CVE-2004-0571 describes a remote code execution vulnerability in the Word for Windows 6.0 Converter used by WordPad. A crafted Word 6.0 document could trigger an unchecked data length/buffer handling in the converter, enabling an attacker to execute arbitrary code on a vulnerable system when the ...

10CVSS7.6AI score0.30724EPSS
CVE
CVE
added 2012/09/26 10:0 a.m.90 views

CVE-2012-2897

CVE-2012-2897 is a Windows kernel‑mode driver vulnerability known as the TrueType Font Parsing vulnerability. It affects multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, Windows RT) and is triggered by processing a craf...

10CVSS7.3AI score0.21689EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.89 views

CVE-2002-1257

The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...

10CVSS7.4AI score0.15303EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.89 views

CVE-2003-0719

CVE-2003-0719 is a buffer overflow in the Microsoft SSL library’s Private Communications Transport (PCT) implementation. The vulnerability allows remote code execution via crafted PCT 1.0 handshake packets on affected Windows family systems (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003, NetMeet...

7.5CVSS7.8AI score0.83412EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.89 views

CVE-2003-0806

CVE-2003-0806 is a Winlogon buffer-overflow vulnerability in Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1 where a domain-joined user’s domain data is read during logon without proper bounds checking. The root cause is an unchecked size of a value used during logon that is inserte...

7.5CVSS7.9AI score0.32936EPSS
CVE
CVE
added 2004/10/16 4:0 a.m.89 views

CVE-2004-0206

CVE-2004-0206 describes a stack/unchecked-buffer overflow in the Windows NetDDE service that allows remote code execution or local privilege elevation. Affected platforms include Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The root cause is a buffer overflow tri...

7.5CVSS7.5AI score0.77002EPSS
CVE
CVE
added 2012/03/28 7:0 p.m.89 views

CVE-2007-6753

CVE-2007-6753 describes an untrusted search path vulnerability in Shell32.dll affecting Windows 2000, XP, Vista, Server 2008, and 7. When an environment contains a string like %APPDATA% or %PROGRAMFILES% in a specific way, a Trojan horse DLL placed in the current working directory can be loaded, ...

6.2CVSS6.7AI score0.01818EPSS
CVE
CVE
added 2010/02/10 6:0 p.m.89 views

CVE-2010-0252

CVE-2010-0252 describes a remote code execution risk in the Microsoft Data Analyzer ActiveX control (max3activex.dll) used in Office/Excel components. A crafted web page can corrupt the system state and run arbitrary code with the caller’s privileges. Microsoft addressed this via MS10-034, which ...

9.3CVSS7.4AI score0.28762EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.88 views

CVE-2004-0901

CVE-2004-0901 (Font Conversion Vulnerability) affects WordPad’s Word for Windows 6.0 Converter (MSWRD632.WPC) used by WordPad. A crafted Word/RTF/WRI/ DOC file can trigger a buffer/length-check flaw, leading to remote code execution when opened by WordPad. Public advisories (MS04-041) document tw...

10CVSS7.5AI score0.31053EPSS
Total number of security vulnerabilities663