663 matches found
CVE-2009-2503
CVE-2009-2503 is a GDI+ memory corruption vulnerability in Microsoft components that can be triggered by a crafted TIFF image file, enabling remote code execution. The weakness resides in how GDI+ allocates memory when processing TIFFs, affecting a wide range of Windows and Office products listed...
CVE-2004-0117
The CVE-2004-0117 entry maps to a buffer-overflow in the Microsoft H.323 implementation that enables remote code execution. The connected MS04-0117 data clarifies that NetMeeting (and other H.323‑using components such as TAPI‑based H.323 apps, ICF, Routing and Remote Access) can be affected on Wi...
CVE-2008-1454
Technical details about CVE-2008-1454 (affected product, vulnerable component, impact, patch) are not publicly provided in the connected documents. Monitor for updates.
CVE-2013-3129
CVE-2013-3129 concerns a TrueType Font (TTF) parsing vulnerability that allows remote code execution. Affected products include Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5; Silverlight 5 prior to 5.1.20513.0; and GDI+, DirectWrite, Journal in various Windows versions (XP through Windows ...
CVE-2002-2185
The CVE-2002-2185 issue concerns a flaw in IGMP processing in the Linux kernel that could let a local attacker cause a denial of service by sending an IGMP membership report addressed to a target’s Ethernet address rather than the multicast group address. Public advisories (e.g., RHSA-2006:0101 a...
CVE-2007-1765
CVE-2007-1765 refers to a remote code execution/DoS vulnerability in Microsoft Windows (Windows 2000 SP4 through Vista) via a malformed ANI file that corrupts memory while processing cursors/animated cursors/icons in LoadAniIcon() of USER32.dll. Connected sources identify this as MS07-017 (RIFF/A...
CVE-2014-0317
CVE-2014-0317 is the SAMR Security Feature Bypass vulnerability in Microsoft Windows, affecting Windows XP SP2-SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows Server 2012 (Gold/R2). The issue stems from the Security Account Manager Remote (SAMR) protoc...
CVE-2010-0269
CVE-2010-0269 is a remote code execution vulnerability in the Microsoft SMB client. The issue arises from improper memory allocation when parsing specially crafted SMB responses, enabling an unauthenticated attacker to execute arbitrary code on a vulnerable system by sending a crafted SMB respons...
CVE-2010-2566
The CVE-2010-2566 issue is a remote code execution vulnerability in Microsoft Windows SChannel (TLS/SSL) where the SChannel security package fails to properly validate certificate request messages from TLS/SSL servers. This affects Windows XP SP2/SP3 and Windows Server 2003 SP2. An attacker could...
CVE-2010-1885
The CVE-2010-1885 entry concerns the Windows Help and Support Center (HelpCtr) in Windows XP and Windows Server 2003. The vulnerability stems from the MPC::HexToNum function in helpctr.exe failing to properly handle malformed escape sequences, allowing a crafted hcp:// URL to bypass the trusted d...
CVE-2011-3400
CVE-2011-3400 is a Windows OLE handling vulnerability affecting XP SP2/SP3 and Windows Server 2003 SP2. The issue stems from improper in-memory handling of OLE objects, allowing remote code execution when a crafted file containing an OLE object is opened. Public references and exploits/documentat...
CVE-2001-0876
CVE-2001-0876 describes a buffer overflow in the UPnP NOTIFY handling on Windows XP, ME, 98/98SE, exploitable via a long Location URL in NOTIFY directives. OpenVAS and CERT/CC advisories corroborate a remote-code-execution risk with SYSTEM privileges on XP (and similar impacts on ME/98/98SE); a s...
CVE-2002-0724
CVE-2002-0724 (MS02-045) describes a remote DoS in Windows SMB where handling SMB_COM_TRANSACTION with NetShareEnum/NetServerEnum2/NetServerEnum3 can overflow the heap when Max Param/Data Count is 0. A crafted packet may crash the host (Blue Screen) and, per CERT/Core advisories, might enable fur...
CVE-2004-1049
CVE-2004-1049 affects Microsoft Windows LoadImage API (cursor/icon handling). The vulnerability arises from an integer overflow when processing certain image resources (e.g., .ani, .ico, .cur, .bmp), which can lead to heap memory corruption and remote code execution if a user opens a crafted file...
CVE-2006-1314
CVE-2006-1314 is a heap-based buffer overflow in the Windows Server Service (SRV.SYS) that affects Windows 2000 SP4, XP SP1/SP2, and Server 2003 (up to SP1). The vulnerability allows remote code execution via crafted first-class Mailslot messages, triggering memory corruption and bypassing size r...
CVE-2004-0840
CVE-2004-0840 describes a remote code execution vulnerability in the SMTP component of Microsoft Windows XP 64‑Bit Edition, Windows Server 2003 (and 64‑Bit) and the Exchange Routing Engine of Exchange Server 2003. The issue is a buffer/length handling flaw triggered by malicious DNS responses dur...
CVE-2009-2498
The CVE-2009-2498 entry corresponds to a code-execution vulnerability in Microsoft Windows Media Format Runtime (versions 9.0, 9.5, 11) and Windows Media Services 9.1/2008, triggered by parsing malformed ASF/WMV/WMA headers. Connected advisories (e.g., CPAI-2014-1114; OpenVAS 901012) corroborate ...
CVE-2005-4560
CVE-2005-4560 is a Windows GDI/WMF parsing vulnerability in GDI32.DLL that allows remote code execution via a crafted WMF image using the SETABORTPROC GDI Escape function, with SHIMGVW.DLL involved. The issue is tied to WMF/EMF processing in Windows, and public details describe arbitrary code exe...
CVE-2010-0555
CVE-2010-0555 affects Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8. The root cause is URLMON sniffing that allows rendering of non-HTML local files as HTML documents after a redirect, bypassing access restrictions and enabling read of arbitrary files. The description identifies this a...
CVE-2011-1281
CVE-2011-1281 affects the Client/Server Run-time Subsystem (CSRSS) in the Win32 subsystem across multiple Windows versions: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2 and Windows 7 Gold/SP1. The issue stems from AllocConsole() handling when...
CVE-2011-1991
CVE-2011-1991 describes multiple untrusted search path vulnerabilities in Windows components that allow local privilege elevation via Trojan horse DLLs loaded from the current working directory. Affected products include Windows XP SP2/ SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Ser...
CVE-2012-2556
CVE-2012-2556 : OpenType Font (OTF) parsing vulnerability in Windows kernel‑mode drivers allows remote code execution via a crafted font file. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, Windows RT. Root cause: improper hand...
CVE-2009-2514
CVE-2009-2514 is a Win32k.sys remote code execution vulnerability in the embedded OpenType (EOT) font parsing path. The kernel component on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2 parses EOT fonts and can be coerced by a crafted font to execute arbitrary code with kernel privileges. The...
CVE-2004-0209
CVE-2004-0209 describes a buffer overflow in the Windows Graphics Rendering Engine during parsing of Windows Metafile (WMF) and Enhanced Metafile (EMF) formats, allowing remote code execution with the privileges of the logged-in user on affected Windows versions (Windows 2000, XP, and Server 2003...
CVE-2009-2499
The CVE-2009-2499 issue affects Microsoft Windows components: Windows Media Format Runtime versions 9.0, 9.5, and 11, and Windows Media Foundation on Windows Vista (Gold, SP1, SP2) and Server 2008. The vulnerability arises when processing MP3 files with crafted metadata, triggering memory corrupt...
CVE-2009-3677
CVE-2009-3677 describes an elevation-of-privilege bypass in the Internet Authentication Service (IAS) used by Microsoft Windows products. The issue arises because MS-CHAP v2 authentication requests sent over PEAP are not properly validated, allowing remote attackers to gain access to network reso...
CVE-2010-2739
The CVE-2010-2739 issue is a buffer overflow in the Windows win32k.sys CreateDIBPalette() function. A crafted bitmap with a very large color palette, used via GetClipboardData, can crash the system and may allow arbitrary code execution locally on affected Windows versions: XP SP3, Server 2003 R2...
CVE-2013-1278
CVE-2013-1278 describes a kernel race condition in Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT. The vulnerability allows local privilege elevation via crafted objects in memory, as part o...
CVE-2003-0906
CVE-2003-0906 is a buffer overrun in Windows WMF/EMF rendering that allows remote code execution via a malformed WMF/EMF image on Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1. Exploitation occurs when rendering or displaying the crafted metafile/image; Windows 2000/XP/NT systems ...
CVE-2007-1204
The CVE-2007-1204 issue affects Microsoft Windows XP SP2 with the UPnP service. It is a stack-based buffer overflow triggered by specially crafted HTTP headers in UPnP requests/notifications, allowing a remote attacker on the same subnet to execute arbitrary code in the context of the vulnerable ...
CVE-2008-4038
CVE-2008-4038 describes a remote code execution vulnerability in Microsoft Windows SMB file-name handling (SMB buffer underflow). The issue affects multiple Windows versions (including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista SP1, and Server 2008) and arises when a specially craft...
CVE-2009-0320
Microsoft Windows taskmgr.exe Information Disclosure Vulnerability (CVE-2009-0320) affects Windows XP, Server 2003/2008, and Vista. The issue exposes I/O activity measurements for all processes, enabling local users to infer sensitive information by reading the I/O Other Bytes column in Task Mana...
CVE-2013-3661
CVE-2013-3661 affects Windows with the EPATHOBJ::bFlatten function in win32k.sys across Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Server 2012, and Windows RT. The root cause is improper checking of linked-list traversal in PATHRECORD chains,...
CVE-2006-6696
CVE-2006-6696 is a CSRSS vulnerability in Windows where improper handling of a MessageBox call with MB_SERVICE_NOTIFICATION can send a crafted HardError to CSRSS, enabling remote code execution. Public details indicate the issue affects multiple Windows versions (Windows 2000, XP, Server 2003, Vi...
CVE-2007-3091
CVE-2007-3091 is the Internet Explorer cross-domain document switching race-condition vulnerability. The issue occurs in Internet Explorer (notably IE6 SP1 and IE7 on multiple Windows versions) where a page transition can inadvertently reveal or execute content across origins due to a race betwee...
CVE-2010-1886
CVE-2010-1886 represents a local privilege-escalation issue in Windows where an attacker with access to a process running under the NetworkService account can gain LocalSystem privileges via the Windows Service Isolation mechanism. Documented vectors involve the TAPI Server and other services suc...
CVE-2010-1895
CVE-2010-1895 affects Windows kernel-mode driver win32k.sys on Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is improper memory allocation when copying data from user mode to kernel mode, enabling local privilege escalation via a crafted application. Microsoft released patch MS10...
CVE-2011-1974
Affected software and root cause: The vulnerability CVE-2011-1974 affects the NDISTAPI.sys driver in the Remote Access Service (RAS) on Microsoft Windows XP SP2/SP3 and Windows Server 2003 SP2. It arises from improper validation of user-mode input by the NDISTAPI driver, which can be exploited to...
CVE-2013-1345
CVE-2013-1345 affects the Windows kernel-mode driver component Win32k.sys across multiple Windows/Server editions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7, 8, Server 2012, Windows RT). The vulnerability arises from improper handling of objects in memory within Win32k...
CVE-2003-0717
CVE-2003-0717 describes a buffer overflow in the Windows Messenger Service (NT through Server 2003). The root cause is improper validation of message length before writing to the allocated buffer, enabling remote code execution with the target’s privileges. Public sources (MS03-043) identify affe...
CVE-2004-0212
CVE-2004-0212 describes a stack-based buffer overflow in the Windows Task Scheduler (mstask) that affects Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0. The vulnerability occurs in how Task Scheduler handles long parameters in .job files, allowing a remote or local attacker to ex...
CVE-2004-0571
CVE-2004-0571 describes a remote code execution vulnerability in the Word for Windows 6.0 Converter used by WordPad. A crafted Word 6.0 document could trigger an unchecked data length/buffer handling in the converter, enabling an attacker to execute arbitrary code on a vulnerable system when the ...
CVE-2012-2897
CVE-2012-2897 is a Windows kernel‑mode driver vulnerability known as the TrueType Font Parsing vulnerability. It affects multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, Windows RT) and is triggered by processing a craf...
CVE-2002-1257
The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...
CVE-2003-0719
CVE-2003-0719 is a buffer overflow in the Microsoft SSL library’s Private Communications Transport (PCT) implementation. The vulnerability allows remote code execution via crafted PCT 1.0 handshake packets on affected Windows family systems (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003, NetMeet...
CVE-2003-0806
CVE-2003-0806 is a Winlogon buffer-overflow vulnerability in Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1 where a domain-joined user’s domain data is read during logon without proper bounds checking. The root cause is an unchecked size of a value used during logon that is inserte...
CVE-2004-0206
CVE-2004-0206 describes a stack/unchecked-buffer overflow in the Windows NetDDE service that allows remote code execution or local privilege elevation. Affected platforms include Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The root cause is a buffer overflow tri...
CVE-2007-6753
CVE-2007-6753 describes an untrusted search path vulnerability in Shell32.dll affecting Windows 2000, XP, Vista, Server 2008, and 7. When an environment contains a string like %APPDATA% or %PROGRAMFILES% in a specific way, a Trojan horse DLL placed in the current working directory can be loaded, ...
CVE-2010-0252
CVE-2010-0252 describes a remote code execution risk in the Microsoft Data Analyzer ActiveX control (max3activex.dll) used in Office/Excel components. A crafted web page can corrupt the system state and run arbitrary code with the caller’s privileges. Microsoft addressed this via MS10-034, which ...
CVE-2004-0901
CVE-2004-0901 (Font Conversion Vulnerability) affects WordPad’s Word for Windows 6.0 Converter (MSWRD632.WPC) used by WordPad. A crafted Word/RTF/WRI/ DOC file can trigger a buffer/length-check flaw, leading to remote code execution when opened by WordPad. Public advisories (MS04-041) document tw...