Lucene search
K

663 matches found

CVE
CVE
added 2005/08/10 4:0 a.m.73 views

CVE-2005-1983

CVE-2005-1983 involves a stack-based buffer overflow in the Windows Plug and Play (PnP) service. Public details in connected sources describe a remote-code-execution vulnerability that can be triggered by a crafted PnP RPC packet, affecting Windows 2000 and Windows XP with SP1, and was notably ex...

10CVSS7.6AI score0.93405EPSS
CVE
CVE
added 2009/07/15 3:0 p.m.73 views

CVE-2009-0232

CVE-2009-0232: A remote-code-execution vulnerability in the Embedded OpenType (EOT) Font Engine. An integer overflow occurs while parsing EOT name tables, affecting Windows 2000 SP4; XP SP2/SP3; Server 2003 SP2; Vista SP1/SP2; and Server 2008 Gold/SP2. An attacker could exploit this via a crafted...

9.3CVSS8.7AI score0.25818EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.73 views

CVE-2009-1126

CVE-2009-1126 corresponds to the Windows Desktop Parameter Edit Vulnerability. Affected products are Windows 2000 SP4, XP SP2/SP3, and Windows Server 2003 SP2. The kernel fails to properly validate user-mode input when editing a specific desktop parameter, enabling a local attacker to execute cod...

7.2CVSS6.3AI score0.01438EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.73 views

CVE-2009-2531

CVE-2009-2531 corresponds to an Uninitialized Memory Corruption vulnerability in Microsoft Internet Explorer (IE 6, 6 SP1, 7, and 8). The connected MSKB MS09-054 describes a cumulative security update that mitigates remote code execution by requiring users visit a malicious page; applying the MS0...

9.3CVSS7.2AI score0.22927EPSS
CVE
CVE
added 2009/12/09 6:0 p.m.73 views

CVE-2009-3675

CVE-2009-3675 describes a denial-of-service vulnerability in Windows LSASS (Local Security Authority Subsystem Service) where remote authenticated attackers can exhaust CPU resources by sending specially crafted ISAKMP messages over IPsec. Affected: Windows 2000 SP4, XP SP2/SP3, and Server 2003 S...

6.8CVSS6AI score0.24705EPSS
CVE
CVE
added 2010/03/03 7:0 p.m.73 views

CVE-2010-0483

CVE-2010-0483 targets VBScript.dll in VBScript 5.1/5.6/5.7/5.8 on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. When Internet Explorer is used, referencing a crafted .hlp file via the MsgBox function’s helpfile argument (local, UNC, or WebDAV) can lead to code execution via winhlp32.exe if t...

7.6CVSS7.4AI score0.86367EPSS
CVE
CVE
added 2010/12/16 7:0 p.m.73 views

CVE-2010-3940

CVE-2010-3940 is a Windows kernel-mode driver (win32k.sys) vulnerability described as a double-free in the Win32k PFE pointer handling that could allow local privilege elevation. Affected platforms include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Go...

7.2CVSS6.4AI score0.01641EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.73 views

CVE-2011-0662

CVE-2011-0662 is a Win32k.sys use-after-free vulnerability in Windows kernel-mode drivers that allows a local user to escalate privileges via a crafted application, due to incorrect driver object management. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 (Gold, SP2, R2,...

7.2CVSS6.4AI score0.01561EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.73 views

CVE-2011-1268

CVE-2011-1268 affects the SMB client in various Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The issue is a remote code execution flaw caused by improper parsing of crafted SMB responses (SMBv1 or SMBv2), allowing an attacker to execute ar...

10CVSS7.5AI score0.11051EPSS
CVE
CVE
added 2011/12/14 12:0 a.m.73 views

CVE-2011-3408

CVE-2011-3408 describes a local privilege-escalation vulnerability in the Windows Client/Server Run-time Subsystem (CSRSS). Csrsrv.dll in CSRSS fails to properly check permissions when a lower-integrity process sends inter-process device-event messages to a higher-integrity process, allowing a lo...

7.2CVSS6.5AI score0.01791EPSS
CVE
CVE
added 2013/02/13 11:0 a.m.73 views

CVE-2013-1255

The CVE-2013-1255 entry describes a race condition in the win32k.sys kernel-mode driver that allows local privilege elevation and reading of arbitrary kernel memory. Affected are: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 Gold/SP...

4.9CVSS6.4AI score0.01466EPSS
CVE
CVE
added 2013/07/10 1:0 a.m.73 views

CVE-2013-3173

CVE-2013-3173 corresponds to the Win32k.sys kernel-mode driver buffer overflow vulnerability (Win32k Buffer Overwrite Vulnerability) that allows local privilege escalation on affected Windows versions. Documents reference Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008/R2 SP1, 7 SP1, ...

7.2CVSS6.7AI score0.01955EPSS
CVE
CVE
added 2013/10/09 2:44 p.m.73 views

CVE-2013-3879

Win32k Use After Free Vulnerability (CVE-2013-3879): a local privilege-escalation in the win32k.sys kernel-mode driver affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8, Server 2012, and RT. Root cause: use-after-free in memory object handling within the W...

7.2CVSS6.4AI score0.01806EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.72 views

CVE-2001-1560

CVE-2001-1560 involves Win32k.sys (Graphics Device Interface, GDI) on Windows 2000/XP. The vulnerability arises when a local user calls the ShowWindow function after receiving a WM_NCCREATE message, enabling a local DoS (system crash). Documents consistently reference this by name and description...

2.1CVSS6.6AI score0.04948EPSS
CVE
CVE
added 2003/03/21 5:0 a.m.72 views

CVE-2003-0010

The CVE-2003-0010 issue is a heap-based overflow in the Windows Script Engine (JsArrayFunctionHeapSort in JScript.dll) that can allow remote code execution via a malicious web page or HTML e-mail. Affected component is Windows Script Engine/JScript.dll; exploit arises from handling large array in...

7.5CVSS7.9AI score0.23773EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.72 views

CVE-2005-1218

CVE-2005-1218 describes a denial-of-service in the Microsoft Windows Remote Desktop Protocol (RDP) service affecting Windows 2000/XP/Server 2003. Root cause: an input-validation flaw in how RDP messages are processed, which could allow a remote attacker to crash the RDP service by sending a craft...

5CVSS6.4AI score0.61183EPSS
CVE
CVE
added 2007/03/20 8:0 p.m.72 views

CVE-2007-1531

The CVE-2007-1531 issue affects Microsoft Windows XP and Vista where gratuitous ARP responses can overwrite ARP table entries, enabling a remote attacker on the local network to cause DoS by sending crafted ARP traffic to a Vista host. Connected sources document PoC-style ARP DoS exploits against...

5CVSS6.3AI score0.22818EPSS
CVE
CVE
added 2010/03/31 7:0 p.m.72 views

CVE-2010-0807

CVE-2010-0807 affects Microsoft Internet Explorer 7 and is caused by improper handling of objects in memory when accessing a deleted object, leading to HTML Rendering Memory Corruption and remote code execution. The issue allows an attacker to run arbitrary code on a vulnerable machine, typically...

9.3CVSS7.6AI score0.29284EPSS
CVE
CVE
added 2011/04/13 8:7 p.m.72 views

CVE-2011-0676

CVE-2011-0676 affects Windows kernel-mode drivers (notably win32k.sys) across multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 Gold/SP1). The vulnerability is a NULL pointer de-reference in the Win32k subsystem that allows local users t...

7.8CVSS6.4AI score0.01173EPSS
CVE
CVE
added 2011/10/12 1:0 a.m.72 views

CVE-2011-1247

CVE-2011-1247 describes an untrusted search path vulnerability in the Microsoft Active Accessibility component that affects Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 RTM/SP1. The underlying flaw is insecure library loading (DLL l...

9.3CVSS6.4AI score0.11115EPSS
CVE
CVE
added 2012/01/10 9:0 p.m.72 views

CVE-2012-0005

CVE-2012-0005 affects Microsoft Windows CSRSS in the Win32 subsystem (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2). The issue arises when processing Unicode characters for Chinese/Japanese/Korean locales, leading to uninitialized memory access and local privilege escalation. Exploitat...

6.9CVSS6.6AI score0.01797EPSS
CVE
CVE
added 2003/10/17 4:0 a.m.71 views

CVE-2003-0711

CVE-2003-0711 describes a stack-based buffer overflow in the PCHealth-HSC (Help and Support Center) HCP URL handling on Windows XP and Windows Server 2003. The unchecked buffer in the HCP protocol-handling file allows remote code execution with SYSTEM/Local privileges when a user clicks a crafted...

7.5CVSS8.1AI score0.33077EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.71 views

CVE-2004-1305

CVE-2004-1305 refers to a denial-of-service vulnerability in the Windows kernel related to how animated cursor and icon formats are processed. The weakness, described in MS05-002 and related CERT advisories, can be triggered by specially crafted cursor/icon/ani files viewed via Web pages or email...

5CVSS6.5AI score0.6236EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.71 views

CVE-2005-0048

CVE-2005-0048 is a Windows IP stack vulnerability (IP Validation Vulnerability) that allows remote code execution or denial of service via crafted IP packets with malformed options. Affected products include Windows XP SP2 and earlier, Windows 2000 SP3/SP4, and Windows Server 2003. The root cause...

7.5CVSS7.6AI score0.45524EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.71 views

CVE-2005-1978

CAN-2005-1978 pertains to a COM+ vulnerability in Windows (MS04-era MS05-051 context) where the COM+ component creates/uses memory structures in a way that could allow remote code execution and local privilege escalation. The linked MS05-051 bulletin confirms affected platforms include Windows 20...

7.5CVSS7.2AI score0.56856EPSS
CVE
CVE
added 2006/04/12 12:0 a.m.71 views

CVE-2006-0012

CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...

5.1CVSS7.5AI score0.24069EPSS
CVE
CVE
added 2006/02/14 7:0 p.m.71 views

CVE-2006-0013

Mode C: Affected software and root cause: Microsoft Windows XP SP1/SP2 and Windows Server 2003 up to SP1 with the Web Client service (WebClnt.dll) are vulnerable. The issue is an unchecked buffer in the Web Client service that handles WebDAV/RPC messages, enabling remote code execution. Impact: a...

6.5CVSS7.4AI score0.34854EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.71 views

CVE-2006-0032

Microsoft Windows Indexing Service vulnerability (CVE-2006-0032) is a cross-site scripting flaw in the Indexing Service component of Windows 2000/XP/Server 2003 when Encoding is set to Auto Select. An attacker can craft a UTF-7 URL that is injected into an error message, potentially executing scr...

4.3CVSS5.4AI score0.33221EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.71 views

CVE-2009-1544

CVE-2009-1544 affects the Windows Workstation (wkssvc) service where improper memory handling during RPC processing (NetrGetJoinInformation) causes a double-free. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2 (Gold), Server 2008 (Gold/SP2). Impact per sources: remote authenticated ...

9CVSS6.5AI score0.20644EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.71 views

CVE-2010-0265

CVE-2010-0265 affects Windows Movie Maker (versions 2.1, 2.6, 6.0) and Microsoft Producer 2003. Root cause is a heap/buffer overflow in IsValidWMToolsStream() due to reusing a buffer with mismatched sizes, enabling remote code execution when a crafted .MSWMM file is opened. Microsoft addressed th...

9.3CVSS7.7AI score0.26636EPSS
CVE
CVE
added 2010/06/08 10:0 p.m.71 views

CVE-2010-1255

CVE-2010-1255 maps to the Win32k TrueType Font Parsing Vulnerability in Windows kernel-mode driver win32k.sys. The issue concerns how glyph outline information is provided to user-mode applications, enabling local users to execute arbitrary code in kernel mode. Affected products include Windows 2...

6.8CVSS7.2AI score0.05068EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.71 views

CVE-2010-1896

CVE-2010-1896 corresponds to Win32k User Input Validation Vulnerability. Affected software includes Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 (Gold/SP2). The flaw is in win32k.sys where user-mode input is not properly validated before kernel-mode ...

8.4CVSS6.2AI score0.01418EPSS
CVE
CVE
added 2010/09/15 6:0 p.m.71 views

CVE-2010-2738

Microsoft Windows/Office Uniscribe (USP10.DLL) vulnerability CVE-2010-2738 involves improper validation of tables in OpenType fonts, leading to remote code execution via crafted web pages or Office documents. Affected components include USP10.DLL across Windows XP SP2/SP3, Server 2003 SP2, Vista ...

9.3CVSS7.3AI score0.18537EPSS
CVE
CVE
added 2011/12/14 12:0 a.m.71 views

CVE-2011-3406

CVE-2011-3406 describes a buffer overflow in Microsoft Windows Active Directory, ADAM, and AD LDS that can allow a remote authenticated attacker to execute arbitrary code by sending a crafted LDAP query. Root cause: memory initialization issue in LDAP request handling. Affected products/versions ...

9CVSS7.5AI score0.23297EPSS
CVE
CVE
added 2012/02/14 10:0 p.m.71 views

CVE-2012-0154

CVE-2012-0154 is a local Privilege Escalation in Windows kernel-mode driver win32k.sys (Keyboard Layout Use After Free). Affected: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2/R2 SP1, and Windows 7 Gold/SP1. Root cause: use-after-free in keyboard layo...

7.2CVSS6.4AI score0.01845EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.71 views

CVE-2013-1344

CVE-2013-1344 affects win32k.sys in multiple Windows kernel-mode drivers. A memory handling flaw in Win32k allows local privilege escalation via a crafted application on affected OSes (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Server 2012, Windows R...

7.2CVSS6.2AI score0.01654EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.70 views

CVE-2005-0058

CVE-2005-0058 describes a buffer overflow in the Windows Telephony API (TAPI) that can allow either remote code execution or local privilege elevation, depending on OS/version and configuration. Affected platforms include Windows 98/98 SE/ME, Windows 2000, Windows XP, and Windows Server 2003. The...

7.5CVSS7.4AI score0.50047EPSS
CVE
CVE
added 2005/03/29 5:0 a.m.70 views

CVE-2005-0904

CVE-2005-0904 affects Windows XP SP1 Remote Desktop. The issue is that the system does not verify the setting “Force shutdown from a remote system,” which allows a remote attacker to shut down the host by executing TSShutdn.exe. The vulnerability details in the connected data confirm this behavio...

2.1CVSS6.7AI score0.07047EPSS
CVE
CVE
added 2006/03/29 1:0 a.m.70 views

CVE-2006-1476

Windows Firewall in Microsoft Windows XP SP2 is affected by an issue where the firewall produces incorrect application block alerts when the application filename is “.exe” (no characters before the dot). This can enable local user-assisted actions to trick a user into unblocking a Trojan horse pr...

2.6CVSS6.2AI score0.03915EPSS
CVE
CVE
added 2006/05/12 12:0 a.m.70 views

CVE-2006-2334

The CVE-2006-2334 issue affects the Windows NT kernel user-mode path conversion: the RtlDosPathNameToNtPathName_U API in NTDLL.DLL on Windows 2000 SP4 and XP SP2 mishandles DOS-style paths with trailing spaces, allowing context-dependent attackers to create files that aren’t accessible via the ex...

2.1CVSS6.5AI score0.04361EPSS
CVE
CVE
added 2006/12/28 3:0 p.m.70 views

CVE-2006-6797

CVE-2006-6797 is a Windows CSRSS vulnerability where local users can cause a DoS crash or read arbitrary memory in csrss.exe by crafting arguments to NtRaiseHardError (status 0x50000018). It is tied to MS07-021 and attributed to improper CSRSS error message handling. Affected component: Client/Se...

6.6CVSS6.2AI score0.06786EPSS
CVE
CVE
added 2007/04/10 9:0 p.m.70 views

CVE-2007-1206

CVE-2007-1206 describes a Windows Kernel local privilege elevation due to incorrect permissions on a mapped memory segment (PAGE_READWRITE) for a physical memory view, enabling an unprivileged user to modify the zero page and gain privileges. Affected systems include Windows NT 4.0; 2000 SP4; XP ...

7.2CVSS6AI score0.02709EPSS
CVE
CVE
added 2008/04/08 11:0 p.m.70 views

CVE-2008-1083

CVE-2008-1083 describes a remote-code-execution vulnerability in the Windows GDI component. The flaw occurs in the CreateDIBPatternBrushPt function when parsing malformed EMF/WMF image headers, leading to a heap-based/integer overflow in GDI and potentially arbitrary code execution on affected sy...

9.3CVSS7.7AI score0.57102EPSS
CVE
CVE
added 2008/04/08 11:0 p.m.70 views

CVE-2008-1087

CVE-2008-1087: A stack-based buffer overflow in Windows GDI processing of EMF image filenames allows remote code execution. Affected: Windows 2000 SP4, XP SP2, Server 2003 SP1/SP2, Vista, Server 2008. Root cause: buffer overflow in EMF filename handling. Exploit-vector: crafted EMF file name para...

9.3CVSS7.8AI score0.56603EPSS
CVE
CVE
added 2009/06/10 5:37 p.m.70 views

CVE-2009-0230

CVE-2009-0230 : A remote authenticated elevation-of-privilege vulnerability in the Windows Print Spooler allowing an arbitrary DLL to be loaded via a crafted RPC message. Affected: Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista (Gold, SP1, SP2), and Server 2008 SP2. Exploitation requires th...

9CVSS6.5AI score0.34878EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.70 views

CVE-2009-1928

The CVE-2009-1928 entry describes an LSASS Recursive Stack Overflow vulnerability that causes denial of service in Active Directory implementations. Affected software includes: Microsoft Windows 2000 Server SP4, Windows Server 2003 SP2, Windows Server 2008 (Gold and SP2) Active Directory; Active ...

7.8CVSS6.4AI score0.3002EPSS
CVE
CVE
added 2009/09/08 10:0 p.m.70 views

CVE-2009-2519

CVE-2009-2519 describes a remote code execution vulnerability in the DHTML Editing Component ActiveX Control (triedit.dll) bundled with Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises when formatting HTML markup, allowing a crafted web page viewed in Internet Explorer to trigge...

9.3CVSS7.3AI score0.25618EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.70 views

CVE-2010-1897

CVE-2010-1897 affects Windows kernel-mode drivers in win32k.sys across Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 SP2/R2, and Windows 7. The vulnerability arises from improper validation of pseudo-handle values passed in callback parameters during Crea...

7.2CVSS6.2AI score0.03428EPSS
CVE
CVE
added 2011/07/13 11:0 p.m.70 views

CVE-2011-1876

CVE-2011-1876 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) that allows local privilege escalation by abusing improper driver object management. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Gold, SP2, R2...

7.2CVSS6.4AI score0.01405EPSS
CVE
CVE
added 2011/10/12 1:0 a.m.70 views

CVE-2011-2011

The CVE-2011-2011 issue is a local privilege-escalation vulnerability in Windows kernel components, specifically Win32k.sys, affecting Windows XP, Server 2003, Vista, Server 2008/R2, and Windows 7 (Gold/SP1). Root cause: a use-after-free condition in win32k.sys due to incorrect driver object mana...

7.2CVSS6.4AI score0.01787EPSS
Total number of security vulnerabilities663