Lucene search
+L

663 matches found

CVE
CVE
added 2013/04/09 10:0 p.m.78 views

CVE-2013-1294

The CVE-2013-1294 entry describes a kernel race-condition vulnerability in the Windows family (XP SP2/3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, Windows RT) where improper handling of in-memory objects can be abused by a crafted local application to ...

7CVSS6.3AI score0.01064EPSS
CVE
CVE
added 2013/10/09 2:44 p.m.78 views

CVE-2013-3200

CVE-2013-3200 concerns a local-privilege-escalation in Windows USB handling. The vulnerability exists in kernel-mode USB drivers across multiple Windows releases (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Server 2012, Windows RT). A crafted USB devi...

7.2CVSS7.4AI score0.05441EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.77 views

CVE-2001-0879

CVE-2001-0879 describes a format-string vulnerability in the C runtime functions used by Microsoft SQL Server 7.0 and 2000. The underlying issue is a format string handling flaw in the C runtime, which can allow an attacker to trigger a denial of service. The available connected documents confirm...

5CVSS7AI score0.08089EPSS
CVE
CVE
added 2005/10/21 4:0 a.m.77 views

CVE-2005-2118

Summary (CVE-2005-2118 / CVE-2005-2122) : Both vulnerabilities stem from how Windows Shell handles .lnk shortcut files, enabling remote code execution through crafted shortcuts or properties. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003. The issues differ in the...

5.1CVSS7.9AI score0.46292EPSS
CVE
CVE
added 2006/05/09 11:0 p.m.77 views

CVE-2006-0034

CVE-2006-0034 describes a heap-based buffer overflow in MSDTC’s RPC path (msdtcprx.dll BuildContextW/BuildContext) caused by an overly long fifth argument, triggering a bug in NdrAllocate. Affected products include Windows 2000/NT4-era MSDTC deployments, with the issue leading to denial of servic...

7.5CVSS7.9AI score0.30542EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.77 views

CVE-2009-2530

CVE-2009-2530 corresponds to an Internet Explorer memory corruption vulnerability (Uninitialized Memory Corruption) that could allow remote code execution when a user views a specially crafted Web page. Connected documents show Microsoft’s MS09-054 cumulative security update for Internet Explorer...

9.3CVSS7.2AI score0.22927EPSS
CVE
CVE
added 2010/03/31 7:0 p.m.77 views

CVE-2010-0489

The CVE-2010-0489 entry corresponds to a Race Condition Memory Corruption vulnerability in Microsoft Internet Explorer (affecting IE 5.01 SP4, 6, 6 SP1, and 7). The connected sources confirm a remote code execution scenario triggered by specially crafted HTML/Web content, with exploitation possib...

9.3CVSS7.3AI score0.23731EPSS
CVE
CVE
added 2010/03/31 7:0 p.m.77 views

CVE-2010-0490

CVE-2010-0490 is an Uninitialized Memory Corruption vulnerability in Microsoft Internet Explorer (IE6, IE6 SP1, IE7, IE8) that could allow remote code execution when IE accesses an object that has not been properly initialized or has been deleted. Exploitation involves viewing a specially crafted...

9.3CVSS7.6AI score0.29315EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.77 views

CVE-2010-1882

CVE-2010-1882 corresponds to a memory corruption/buffer overflow in the Microsoft DirectShow MPEG Layer-3 Audio Codec (l3codecx.ax). The vulnerability exists in the MPEG Layer-3 codec used by Windows Media/DirectShow and can be triggered by a specially crafted MPEG‑L3 audio stream in a media file...

9.3CVSS7.7AI score0.23415EPSS
CVE
CVE
added 2010/12/16 7:0 p.m.77 views

CVE-2010-3943

CVE-2010-3943 affects Windows kernel-mode Win32k.sys, where driver objects are not properly linked, enabling local privilege escalation through linked-list corruption. Affected products include Windows XP (SP2/SP3), Windows Server 2003 (SP2), Windows Vista (SP1/SP2), Windows Server 2008 (Gold, SP...

7.2CVSS6.4AI score0.01792EPSS
CVE
CVE
added 2012/02/02 5:0 p.m.77 views

CVE-2010-4562

CVE-2010-4562 affects Microsoft Windows platforms when using IPv6. It allows remote attackers to infer if a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and observing an Echo Reply (as demonstrated by thcping). The entry notes a typographical collision: so...

4.3CVSS6.3AI score0.15185EPSS
CVE
CVE
added 2013/04/09 10:0 p.m.77 views

CVE-2013-1283

CVE-2013-1283 affects Windows kernel-mode drivers, specifically Win32k.sys, with a local privilege-escalation due to race conditions from improper handling of memory objects. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, Wind...

6.9CVSS6.4AI score0.01166EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.76 views

CVE-2004-0897

CVE-2004-0897 covers a remote code execution vulnerability in the Microsoft Windows Indexing Service (Indexing Service) on Windows XP and Windows Server 2003. The issue arises from an unchecked/lenient handling of query input leading to a buffer overflow, enabling an attacker to execute arbitrary...

10CVSS8.1AI score0.42824EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.76 views

CVE-2004-2339

CVE-2004-2339 affects Microsoft Windows 2000, XP, and possibly 2003. The vulnerability allows local users with SeDebugPrivilege to execute arbitrary code at kernel level and read/write kernel memory via NtSystemDebugControl, with argument pointer verification not performed. The issue is local and...

8.4CVSS7.7AI score0.01433EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.76 views

CVE-2005-1984

CVE-2005-1984 is a buffer overflow in the Microsoft Print Spooler (Spoolsv.exe) affecting Windows 2000, XP, and Windows Server 2003. The vulnerability allows remote code execution via a crafted Print Spooler Service packet or message. Microsoft/MS05-043 (KB896423) addresses the issue with an upda...

7.5CVSS7.7AI score0.54538EPSS
CVE
CVE
added 2009/04/15 3:49 a.m.76 views

CVE-2009-0088

CVE-2009-0088 describes a remote code execution vulnerability in the WordPerfect 6.x Converter (WPFT632.CNV) used by Word 2000 SP3 and the Office Converter Pack. The issue arises when the converter fails to properly validate the length of an input string, enabling a crafted WordPerfect 6.x docume...

9.3CVSS7.5AI score0.28446EPSS
CVE
CVE
added 2009/07/15 3:0 p.m.76 views

CVE-2009-0231

CVE-2009-0231 concerns a heap-based overflow in the Embedded OpenType Font Engine (T2EMBED.DLL) used by Microsoft Windows. The vulnerability stems from an integer truncation while processing OpenType font records, allowing remote attackers to execute arbitrary code by delivering a crafted EOT/Ope...

9.3CVSS8.7AI score0.37453EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.76 views

CVE-2009-1929

The CVE-2009-1929 entry maps to MS09-044 vulnerabilities in the Microsoft Remote Desktop Connection/Terminal Services Client ActiveX control. A heap-based buffer overflow in the ActiveX control (versions 5.2 and 6.1) could allow remote code execution when a user connects to a malicious server or ...

9.3CVSS8.1AI score0.34534EPSS
CVE
CVE
added 2010/04/14 3:44 p.m.76 views

CVE-2010-0236

The CVE-2010-0236 entry concerns a Windows kernel memory allocation vulnerability in which memory is not properly allocated for the destination key when extracting a symbolic‑link registry key. A local attacker could exploit this elevation‑of‑privilege flaw to execute code in kernel mode, potenti...

7.2CVSS6.3AI score0.01776EPSS
CVE
CVE
added 2010/06/08 10:0 p.m.76 views

CVE-2010-0484

CVE-2010-0484 affects Windows kernel-mode drivers in win32k.sys. The vulnerability arises from improper validation/memory handling when processing Device Contexts (DC) via GetDCEx, enabling local users to execute arbitrary code in kernel mode (ring0) on affected Windows versions. Affected are Win...

6.8CVSS7AI score0.01344EPSS
CVE
CVE
added 2010/06/08 10:0 p.m.76 views

CVE-2010-0811

CVE-2010-0811 corresponds to a remote code execution vulnerability in the Internet Explorer 8 Developer Tools ActiveX control (iedvtool.dll). Public sources (OpenVAS/Nessus entries) tie this to Microsoft IE/Win components and list affected Windows versions including 2000 SP4, XP SP2/SP3, Server 2...

9.3CVSS7.6AI score0.25924EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.76 views

CVE-2010-3974

CVE-2010-3974 is a memory corruption vulnerability in the Windows Fax Cover Page Editor (fxscover.exe) that occurs when parsing crafted Fax cover pages (.cov). A remote attacker could execute arbitrary code on affected systems by convincing a user to open a malicious fax cover page file. Affected...

7.6CVSS7.5AI score0.18511EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.76 views

CVE-2011-1894

The CVE-2011-1894 issue affects the MHTML protocol handler used by Microsoft Windows components (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/R2, Windows 7 SP1). The vulnerability arises from improper handling of a MIME format in requests for embedded content within an HTML docume...

4.3CVSS5.5AI score0.11411EPSS
CVE
CVE
added 2013/02/13 11:0 a.m.76 views

CVE-2013-1273

CVE-2013-1273 is a race condition in the win32k.sys kernel-mode driver that can allow local privilege escalation and reading arbitrary kernel memory on affected Windows platforms (XP SP2-SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP0-SP1). The vulnerability stems from timing/o...

4.9CVSS6.4AI score0.01525EPSS
CVE
CVE
added 2004/06/11 4:0 a.m.75 views

CVE-2004-0202

CVE-2004-0202 concerns a denial-of-service vulnerability in the DirectPlay API, specifically the IDirectPlay4 interfaces of DirectPlay within Microsoft DirectX. The issue arises from insufficient input/packet validation of incoming network data, enabling a remote attacker to crash a DirectPlay-ba...

5CVSS6.4AI score0.26175EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.75 views

CVE-2005-0044

CVE-2005-0044 is the Input Validation Vulnerability in the Windows OLE component that could allow remote code execution. The NVD/NVD-derived data unify that the issue affects Windows 98, 2000, XP, and Server 2003, as well as Exchange Server 5.0–2003, caused by improper validation of message lengt...

7.5CVSS7.4AI score0.33206EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.75 views

CVE-2005-0550

CVE-2005-0550 describes a buffer overflow in Microsoft Windows Object Management handling that could be exploited locally to cause a denial of service (system crash). Affected products include Windows 2000, Windows XP (SP1 and SP2), and Windows Server 2003. The underlying issue is an unchecked bu...

2.1CVSS6.4AI score0.02056EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.75 views

CVE-2005-1983

CVE-2005-1983 involves a stack-based buffer overflow in the Windows Plug and Play (PnP) service. Public details in connected sources describe a remote-code-execution vulnerability that can be triggered by a crafted PnP RPC packet, affecting Windows 2000 and Windows XP with SP1, and was notably ex...

10CVSS7.6AI score0.93405EPSS
CVE
CVE
added 2008/04/08 11:0 p.m.75 views

CVE-2008-1084

CVE-2008-1084 affects the Windows kernel (Win32k). The issue is a local privilege escalation in the kernel’s win32k.sys, traced to improper input validation, with one affected function allegedly NtUserFnOUTSTRING. Impact is local code execution with HIGH severity (CVSS v2 base 7.2) on Windows 200...

7.2CVSS6.8AI score0.06753EPSS
CVE
CVE
added 2009/04/15 3:49 a.m.75 views

CVE-2009-0235

The CVE-2009-0235 entry covers a stack-based buffer overflow in WordPad’s Word 97 text converter used to open Word 97 files on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP1/SP2. The root cause is a mismatch between a 32-bit length value from the file and the lower 16 bits used during a copy, ...

9.3CVSS7.9AI score0.33616EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.75 views

CVE-2009-1547

CVE-2009-1547 concerns Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7. The issue is a remote code execution vulnerability triggered by a crafted data-stream header causing memory corruption in the browser. Technical details across connected docs show that this affects legacy IE versions an...

9.3CVSS7.1AI score0.37436EPSS
Web
CVE
CVE
added 2010/03/31 7:0 p.m.75 views

CVE-2010-0494

CVE-2010-0494 is the HTML Element Cross-Domain Vulnerability in Internet Explorer (IE6/6 SP1/7/8) that allows information disclosure when a user drags one IE window across another. The issue affects IE’s handling of cross-domain scripting context and is addressed by Microsoft Security Bulletin MS...

4.3CVSS5.4AI score0.22893EPSS
CVE
CVE
added 2010/04/14 3:44 p.m.75 views

CVE-2010-0812

ISATAP IPv6 Source Address Spoofing vulnerability (CVE-2010-0812) affects Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, and Server 2008 SP2. The flaw in the Windows TCP/IP stack checks the inner IPv6 source in tunneled ISATAP packets, enabling spoofing that could bypass IPv4 source-address ...

6.4CVSS6.5AI score0.17452EPSS
CVE
CVE
added 2010/10/13 6:0 p.m.75 views

CVE-2010-3222

CVE-2010-3222 describes a stack-based buffer overflow in the Windows Local Procedure Call subsystem (RPCSS) affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability occurs during LPC–LRPC port message handling between LPC and the LRPC server, allowing a locally authenticated us...

7.2CVSS6.9AI score0.019EPSS
CVE
CVE
added 2011/02/09 12:0 a.m.75 views

CVE-2011-0090

CVE-2011-0090 concerns Win32k.sys in the kernel-mode drivers of affected Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The vulnerability stems from improper validation of data passed from user mode to kernel mode, enabling local privilege e...

7.2CVSS6.4AI score0.02078EPSS
CVE
CVE
added 2011/07/13 11:0 p.m.75 views

CVE-2011-1885

The CVE-2011-1885 issue affects Win32k.sys in multiple Windows OS versions (Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). It is a local privilege escalation caused by a NULL pointer dereference in kernel‑mode drivers, allowing a crafted a...

7.2CVSS6.4AI score0.0137EPSS
CVE
CVE
added 2002/10/05 4:0 a.m.74 views

CVE-2002-0693

The CVE-2002-0693 issue affects multiple Windows platforms (Windows 98, 98 SE, Millennium, NT 4.0 and Terminal Server, Windows 2000, Windows XP) through the HTML Help ActiveX control (hhctrl.ocx). The root cause is an unchecked/buffer overflow in the HTML Help facility ActiveX module that could b...

7.5CVSS7.2AI score0.52422EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.74 views

CVE-2002-1260

The CVE-2002-1260 vulnerability affects Microsoft Virtual Machine (VM) 5.0.3805 and earlier, where the JDBC APIs can be exploited by an untrusted Java applet to bypass security checks and access database contents. This is a remote, network‑vector issue that allows partial confidentiality/integrit...

7.5CVSS6.8AI score0.15444EPSS
CVE
CVE
added 2003/03/21 5:0 a.m.74 views

CVE-2003-0010

The CVE-2003-0010 issue is a heap-based overflow in the Windows Script Engine (JsArrayFunctionHeapSort in JScript.dll) that can allow remote code execution via a malicious web page or HTML e-mail. Affected component is Windows Script Engine/JScript.dll; exploit arises from handling large array in...

7.5CVSS7.9AI score0.23773EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.74 views

CVE-2003-0807

CVE-2003-0807 : A denial-of-service vulnerability in Microsoft Windows where the COM Internet Services (CIS) and RPC over HTTP Proxy components can be overwhelmed by a crafted forwarded response, causing the backend to stop accepting requests. Related connected documents (MS04-012) identify this ...

5CVSS6.7AI score0.39539EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.74 views

CVE-2004-0568

HyperTerminal for Windows NT 4.0/2000/XP/Server 2003 contains a buffer overflow in session file handling due to improper validation of a value’s length. This allows a remote attacker to execute arbitrary code when a user opens a malicious HyperTerminal session file (.ht), or follows a web/Telnet ...

10CVSS7.9AI score0.35155EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.74 views

CVE-2004-1319

The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...

5CVSS6.6AI score0.26162EPSS
CVE
CVE
added 2005/06/15 4:0 a.m.74 views

CVE-2005-1208

CVE-2005-1208 describes a remote code execution vulnerability in Microsoft HTML Help (CHM/InfoTech Storage protocols like ms-its, ms-itss, its, mk:@MSITStore). The root cause is an integer overflow/heap-based buffer overflow when processing crafted CHM content with a large size field, exploitable...

10CVSS7.9AI score0.4715EPSS
CVE
CVE
added 2009/07/15 3:0 p.m.74 views

CVE-2009-0232

CVE-2009-0232: A remote-code-execution vulnerability in the Embedded OpenType (EOT) Font Engine. An integer overflow occurs while parsing EOT name tables, affecting Windows 2000 SP4; XP SP2/SP3; Server 2003 SP2; Vista SP1/SP2; and Server 2008 Gold/SP2. An attacker could exploit this via a crafted...

9.3CVSS8.7AI score0.25818EPSS
CVE
CVE
added 2009/07/29 5:0 p.m.74 views

CVE-2009-1919

Microsoft Internet Explorer variants 5.01–8 on Windows 2000–Vista/Server 2003/2008 are affected by an Uninitialized Memory Corruption vulnerability in memory handling of deleted objects when processing HTML with embedded style sheets. The connected KB describes MS09-034 (Cumulative Security Updat...

9.3CVSS7.5AI score0.3404EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.74 views

CVE-2009-2513

CVE-2009-2513 is the Win32k Insufficient Data Validation Vulnerability affecting the Windows kernel-mode GDI path (win32k.sys). The issue stems from improper validation of user-mode input in the GDI subsystem, allowing local users to execute arbitrary code in kernel mode and escalate privileges. ...

7.2CVSS6AI score0.01546EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.74 views

CVE-2009-2531

CVE-2009-2531 corresponds to an Uninitialized Memory Corruption vulnerability in Microsoft Internet Explorer (IE 6, 6 SP1, 7, and 8). The connected MSKB MS09-054 describes a cumulative security update that mitigates remote code execution by requiring users visit a malicious page; applying the MS0...

9.3CVSS7.2AI score0.22927EPSS
CVE
CVE
added 2010/03/03 7:0 p.m.74 views

CVE-2010-0483

CVE-2010-0483 targets VBScript.dll in VBScript 5.1/5.6/5.7/5.8 on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. When Internet Explorer is used, referencing a crafted .hlp file via the MsgBox function’s helpfile argument (local, UNC, or WebDAV) can lead to code execution via winhlp32.exe if t...

7.6CVSS7.4AI score0.86367EPSS
CVE
CVE
added 2010/12/16 7:0 p.m.74 views

CVE-2010-3940

CVE-2010-3940 is a Windows kernel-mode driver (win32k.sys) vulnerability described as a double-free in the Win32k PFE pointer handling that could allow local privilege elevation. Affected platforms include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Go...

7.2CVSS6.4AI score0.01641EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.74 views

CVE-2011-0028

CVE-2011-0028 concerns a vulnerability in Microsoft WordPad Text Converters used by WordPad on Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is an error in the WordPad converter that fails to correctly parse certain Word document fields (notably sprmTTextFlow and sprmTSplit), all...

9.3CVSS7.5AI score0.23596EPSS
Total number of security vulnerabilities663