Lucene search
+L

663 matches found

CVE
CVE
added 2013/10/09 2:44 p.m.75 views

CVE-2013-3879

Win32k Use After Free Vulnerability (CVE-2013-3879): a local privilege-escalation in the win32k.sys kernel-mode driver affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8, Server 2012, and RT. Root cause: use-after-free in memory object handling within the W...

7.2CVSS6.4AI score0.01806EPSS
CVE
CVE
added 2010/12/16 7:0 p.m.74 views

CVE-2010-3940

CVE-2010-3940 is a Windows kernel-mode driver (win32k.sys) vulnerability described as a double-free in the Win32k PFE pointer handling that could allow local privilege elevation. Affected platforms include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Go...

7.2CVSS6.4AI score0.01641EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.74 views

CVE-2011-0028

CVE-2011-0028 concerns a vulnerability in Microsoft WordPad Text Converters used by WordPad on Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is an error in the WordPad converter that fails to correctly parse certain Word document fields (notably sprmTTextFlow and sprmTSplit), all...

9.3CVSS7.5AI score0.23596EPSS
CVE
CVE
added 2011/10/12 1:0 a.m.74 views

CVE-2011-1247

CVE-2011-1247 describes an untrusted search path vulnerability in the Microsoft Active Accessibility component that affects Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 RTM/SP1. The underlying flaw is insecure library loading (DLL l...

9.3CVSS6.4AI score0.11115EPSS
CVE
CVE
added 2011/12/14 12:0 a.m.74 views

CVE-2011-3408

CVE-2011-3408 describes a local privilege-escalation vulnerability in the Windows Client/Server Run-time Subsystem (CSRSS). Csrsrv.dll in CSRSS fails to properly check permissions when a lower-integrity process sends inter-process device-event messages to a higher-integrity process, allowing a lo...

7.2CVSS6.5AI score0.01791EPSS
CVE
CVE
added 2012/01/10 9:0 p.m.74 views

CVE-2012-0001

CVE-2012-0001 details (Windows kernel SafeSEH bypass). The vulnerability arises from the kernel’s improper loading of structured exception handling (SEH) tables in Windows XP SP2, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2/R2 SP1, and Windows 7 SP1. This allows context-dependent attackers to ...

9.3CVSS6.3AI score0.09554EPSS
CVE
CVE
added 2012/06/12 10:0 p.m.74 views

CVE-2012-1865

CVE-2012-1865 affects Microsoft Windows kernel- mode drivers (notably win32k.sys) across multiple OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). The root cause, as described in the CVE entry, is that user-mode input passed to kernel mode for driver ob...

7.2CVSS6.2AI score0.0164EPSS
CVE
CVE
added 2013/02/13 11:0 a.m.74 views

CVE-2013-1255

The CVE-2013-1255 entry describes a race condition in the win32k.sys kernel-mode driver that allows local privilege elevation and reading of arbitrary kernel memory. Affected are: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 Gold/SP...

4.9CVSS6.4AI score0.01466EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.74 views

CVE-2013-1341

CVE-2013-1341 affects the Windows kernel component win32k.sys (kernel-mode drivers) and allows local privilege escalation via a crafted application on several Windows families. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8. Root cause: ...

7.2CVSS6.4AI score0.01806EPSS
CVE
CVE
added 2013/07/10 1:0 a.m.74 views

CVE-2013-3173

CVE-2013-3173 corresponds to the Win32k.sys kernel-mode driver buffer overflow vulnerability (Win32k Buffer Overwrite Vulnerability) that allows local privilege escalation on affected Windows versions. Documents reference Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008/R2 SP1, 7 SP1, ...

7.2CVSS6.7AI score0.01955EPSS
CVE
CVE
added 2003/10/17 4:0 a.m.73 views

CVE-2003-0659

CVE-2003-0659 describes a buffer-overflow in a function used by the Windows ListBox and ComboBox controls (User32.dll) that can be triggered by crafted Windows messages (LB_DIR/CB_DIR). This local, interactive vulnerability could allow an attacker who can log on to execute arbitrary code with the...

7.2CVSS7.3AI score0.33575EPSS
CVE
CVE
added 2004/10/16 4:0 a.m.73 views

CVE-2004-0207

CVE-2004-0207 is a local privilege-elevation vulnerability in the Windows Window Management APIs (SetWindowLong/SetWindowLongPtr) that could let a logged-on user change properties of higher-privileged processes and gain full control of the system. Affected Windows platforms include Windows 98, NT...

2.1CVSS6.5AI score0.01793EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.73 views

CVE-2004-1305

CVE-2004-1305 refers to a denial-of-service vulnerability in the Windows kernel related to how animated cursor and icon formats are processed. The weakness, described in MS05-002 and related CERT advisories, can be triggered by specially crafted cursor/icon/ani files viewed via Web pages or email...

5CVSS6.5AI score0.6236EPSS
CVE
CVE
added 2006/04/12 12:0 a.m.73 views

CVE-2006-0012

CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...

5.1CVSS7.5AI score0.24069EPSS
CVE
CVE
added 2008/04/08 11:0 p.m.73 views

CVE-2008-1087

CVE-2008-1087: A stack-based buffer overflow in Windows GDI processing of EMF image filenames allows remote code execution. Affected: Windows 2000 SP4, XP SP2, Server 2003 SP1/SP2, Vista, Server 2008. Root cause: buffer overflow in EMF filename handling. Exploit-vector: crafted EMF file name para...

9.3CVSS7.8AI score0.56603EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.73 views

CVE-2009-1126

CVE-2009-1126 corresponds to the Windows Desktop Parameter Edit Vulnerability. Affected products are Windows 2000 SP4, XP SP2/SP3, and Windows Server 2003 SP2. The kernel fails to properly validate user-mode input when editing a specific desktop parameter, enabling a local attacker to execute cod...

7.2CVSS6.3AI score0.01438EPSS
CVE
CVE
added 2009/12/09 6:0 p.m.73 views

CVE-2009-3675

CVE-2009-3675 describes a denial-of-service vulnerability in Windows LSASS (Local Security Authority Subsystem Service) where remote authenticated attackers can exhaust CPU resources by sending specially crafted ISAKMP messages over IPsec. Affected: Windows 2000 SP4, XP SP2/SP3, and Server 2003 S...

6.8CVSS6AI score0.24705EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.73 views

CVE-2010-1896

CVE-2010-1896 corresponds to Win32k User Input Validation Vulnerability. Affected software includes Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 (Gold/SP2). The flaw is in win32k.sys where user-mode input is not properly validated before kernel-mode ...

8.4CVSS6.2AI score0.01418EPSS
CVE
CVE
added 2010/09/15 6:0 p.m.73 views

CVE-2010-2738

Microsoft Windows/Office Uniscribe (USP10.DLL) vulnerability CVE-2010-2738 involves improper validation of tables in OpenType fonts, leading to remote code execution via crafted web pages or Office documents. Affected components include USP10.DLL across Windows XP SP2/SP3, Server 2003 SP2, Vista ...

9.3CVSS7.3AI score0.18537EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.73 views

CVE-2011-0662

CVE-2011-0662 is a Win32k.sys use-after-free vulnerability in Windows kernel-mode drivers that allows a local user to escalate privileges via a crafted application, due to incorrect driver object management. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 (Gold, SP2, R2,...

7.2CVSS6.4AI score0.01561EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.73 views

CVE-2011-1268

CVE-2011-1268 affects the SMB client in various Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). The issue is a remote code execution flaw caused by improper parsing of crafted SMB responses (SMBv1 or SMBv2), allowing an attacker to execute ar...

10CVSS7.5AI score0.11051EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.72 views

CVE-2001-1560

CVE-2001-1560 involves Win32k.sys (Graphics Device Interface, GDI) on Windows 2000/XP. The vulnerability arises when a local user calls the ShowWindow function after receiving a WM_NCCREATE message, enabling a local DoS (system crash). Documents consistently reference this by name and description...

2.1CVSS6.6AI score0.04948EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.72 views

CVE-2005-0048

CVE-2005-0048 is a Windows IP stack vulnerability (IP Validation Vulnerability) that allows remote code execution or denial of service via crafted IP packets with malformed options. Affected products include Windows XP SP2 and earlier, Windows 2000 SP3/SP4, and Windows Server 2003. The root cause...

7.5CVSS7.6AI score0.45524EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.72 views

CVE-2005-0058

CVE-2005-0058 describes a buffer overflow in the Windows Telephony API (TAPI) that can allow either remote code execution or local privilege elevation, depending on OS/version and configuration. Affected platforms include Windows 98/98 SE/ME, Windows 2000, Windows XP, and Windows Server 2003. The...

7.5CVSS7.4AI score0.50047EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.72 views

CVE-2005-1218

CVE-2005-1218 describes a denial-of-service in the Microsoft Windows Remote Desktop Protocol (RDP) service affecting Windows 2000/XP/Server 2003. Root cause: an input-validation flaw in how RDP messages are processed, which could allow a remote attacker to crash the RDP service by sending a craft...

5CVSS6.4AI score0.61183EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.72 views

CVE-2005-1978

CAN-2005-1978 pertains to a COM+ vulnerability in Windows (MS04-era MS05-051 context) where the COM+ component creates/uses memory structures in a way that could allow remote code execution and local privilege escalation. The linked MS05-051 bulletin confirms affected platforms include Windows 20...

7.5CVSS7.2AI score0.56856EPSS
CVE
CVE
added 2006/02/14 7:0 p.m.72 views

CVE-2006-0013

Mode C: Affected software and root cause: Microsoft Windows XP SP1/SP2 and Windows Server 2003 up to SP1 with the Web Client service (WebClnt.dll) are vulnerable. The issue is an unchecked buffer in the Web Client service that handles WebDAV/RPC messages, enabling remote code execution. Impact: a...

6.5CVSS7.4AI score0.34854EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.72 views

CVE-2006-0032

Microsoft Windows Indexing Service vulnerability (CVE-2006-0032) is a cross-site scripting flaw in the Indexing Service component of Windows 2000/XP/Server 2003 when Encoding is set to Auto Select. An attacker can craft a UTF-7 URL that is injected into an error message, potentially executing scr...

4.3CVSS5.4AI score0.33221EPSS
CVE
CVE
added 2007/04/10 9:0 p.m.72 views

CVE-2007-1206

CVE-2007-1206 describes a Windows Kernel local privilege elevation due to incorrect permissions on a mapped memory segment (PAGE_READWRITE) for a physical memory view, enabling an unprivileged user to modify the zero page and gain privileges. Affected systems include Windows NT 4.0; 2000 SP4; XP ...

7.2CVSS6AI score0.02709EPSS
CVE
CVE
added 2007/03/20 8:0 p.m.72 views

CVE-2007-1531

The CVE-2007-1531 issue affects Microsoft Windows XP and Vista where gratuitous ARP responses can overwrite ARP table entries, enabling a remote attacker on the local network to cause DoS by sending crafted ARP traffic to a Vista host. Connected sources document PoC-style ARP DoS exploits against...

5CVSS6.3AI score0.22818EPSS
CVE
CVE
added 2009/06/10 5:37 p.m.72 views

CVE-2009-0230

CVE-2009-0230 : A remote authenticated elevation-of-privilege vulnerability in the Windows Print Spooler allowing an arbitrary DLL to be loaded via a crafted RPC message. Affected: Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista (Gold, SP1, SP2), and Server 2008 SP2. Exploitation requires th...

9CVSS6.5AI score0.34878EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.72 views

CVE-2010-0265

CVE-2010-0265 affects Windows Movie Maker (versions 2.1, 2.6, 6.0) and Microsoft Producer 2003. Root cause is a heap/buffer overflow in IsValidWMToolsStream() due to reusing a buffer with mismatched sizes, enabling remote code execution when a crafted .MSWMM file is opened. Microsoft addressed th...

9.3CVSS7.7AI score0.26636EPSS
CVE
CVE
added 2010/03/31 7:0 p.m.72 views

CVE-2010-0807

CVE-2010-0807 affects Microsoft Internet Explorer 7 and is caused by improper handling of objects in memory when accessing a deleted object, leading to HTML Rendering Memory Corruption and remote code execution. The issue allows an attacker to run arbitrary code on a vulnerable machine, typically...

9.3CVSS7.6AI score0.29284EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.72 views

CVE-2010-1897

CVE-2010-1897 affects Windows kernel-mode drivers in win32k.sys across Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 SP2/R2, and Windows 7. The vulnerability arises from improper validation of pseudo-handle values passed in callback parameters during Crea...

7.2CVSS6.2AI score0.03428EPSS
CVE
CVE
added 2011/04/13 8:7 p.m.72 views

CVE-2011-0676

CVE-2011-0676 affects Windows kernel-mode drivers (notably win32k.sys) across multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 Gold/SP1). The vulnerability is a NULL pointer de-reference in the Win32k subsystem that allows local users t...

7.8CVSS6.4AI score0.01173EPSS
CVE
CVE
added 2011/07/13 11:0 p.m.72 views

CVE-2011-1876

CVE-2011-1876 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) that allows local privilege escalation by abusing improper driver object management. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 (Gold, SP2, R2...

7.2CVSS6.4AI score0.01405EPSS
CVE
CVE
added 2011/10/12 1:0 a.m.72 views

CVE-2011-2011

The CVE-2011-2011 issue is a local privilege-escalation vulnerability in Windows kernel components, specifically Win32k.sys, affecting Windows XP, Server 2003, Vista, Server 2008/R2, and Windows 7 (Gold/SP1). Root cause: a use-after-free condition in win32k.sys due to incorrect driver object mana...

7.2CVSS6.4AI score0.01787EPSS
CVE
CVE
added 2011/12/14 12:0 a.m.72 views

CVE-2011-3406

CVE-2011-3406 describes a buffer overflow in Microsoft Windows Active Directory, ADAM, and AD LDS that can allow a remote authenticated attacker to execute arbitrary code by sending a crafted LDAP query. Root cause: memory initialization issue in LDAP request handling. Affected products/versions ...

9CVSS7.5AI score0.23297EPSS
CVE
CVE
added 2012/01/10 9:0 p.m.72 views

CVE-2012-0005

CVE-2012-0005 affects Microsoft Windows CSRSS in the Win32 subsystem (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2). The issue arises when processing Unicode characters for Chinese/Japanese/Korean locales, leading to uninitialized memory access and local privilege escalation. Exploitat...

6.9CVSS6.6AI score0.01797EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.72 views

CVE-2013-1344

CVE-2013-1344 affects win32k.sys in multiple Windows kernel-mode drivers. A memory handling flaw in Win32k allows local privilege escalation via a crafted application on affected OSes (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Server 2012, Windows R...

7.2CVSS6.2AI score0.01654EPSS
CVE
CVE
added 2003/10/17 4:0 a.m.71 views

CVE-2003-0711

CVE-2003-0711 describes a stack-based buffer overflow in the PCHealth-HSC (Help and Support Center) HCP URL handling on Windows XP and Windows Server 2003. The unchecked buffer in the HCP protocol-handling file allows remote code execution with SYSTEM/Local privileges when a user clicks a crafted...

7.5CVSS8.1AI score0.33077EPSS
CVE
CVE
added 2008/04/08 11:0 p.m.71 views

CVE-2008-1083

CVE-2008-1083 describes a remote-code-execution vulnerability in the Windows GDI component. The flaw occurs in the CreateDIBPatternBrushPt function when parsing malformed EMF/WMF image headers, leading to a heap-based/integer overflow in GDI and potentially arbitrary code execution on affected sy...

9.3CVSS7.7AI score0.57102EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.71 views

CVE-2009-1544

CVE-2009-1544 affects the Windows Workstation (wkssvc) service where improper memory handling during RPC processing (NetrGetJoinInformation) causes a double-free. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2 (Gold), Server 2008 (Gold/SP2). Impact per sources: remote authenticated ...

9CVSS6.5AI score0.20644EPSS
Web
CVE
CVE
added 2009/09/08 10:0 p.m.71 views

CVE-2009-2519

CVE-2009-2519 describes a remote code execution vulnerability in the DHTML Editing Component ActiveX Control (triedit.dll) bundled with Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises when formatting HTML markup, allowing a crafted web page viewed in Internet Explorer to trigge...

9.3CVSS7.3AI score0.25618EPSS
Web
CVE
CVE
added 2010/06/08 10:0 p.m.71 views

CVE-2010-1255

CVE-2010-1255 maps to the Win32k TrueType Font Parsing Vulnerability in Windows kernel-mode driver win32k.sys. The issue concerns how glyph outline information is provided to user-mode applications, enabling local users to execute arbitrary code in kernel mode. Affected products include Windows 2...

6.8CVSS7.2AI score0.05068EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.71 views

CVE-2010-1894

Win32k Exception Handling Vulnerability (CVE-2010-1894) affects Windows XP SP2/SP3 and Windows Server 2003 SP2 via win32k.sys. Description: the kernel-mode driver does not properly handle certain exceptions, enabling local privilege escalation by a crafted application. Impact: attacker could exec...

7.2CVSS6.4AI score0.02959EPSS
CVE
CVE
added 2011/07/13 11:0 p.m.71 views

CVE-2011-1880

CVE-2011-1880 affects Windows kernel-mode drivers, specifically Win32k.sys, across multiple OS versions (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold SP2/R2 and R2 SP1, Windows 7 Gold/SP1). The vulnerability is a NULL pointer de-reference in Win32k....

7.2CVSS6.4AI score0.0137EPSS
CVE
CVE
added 2011/12/14 12:0 a.m.71 views

CVE-2011-3397

This CVE affects the Microsoft Windows Time component (DATIME.DLL) on Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability allows remote code execution via a crafted web page that leverages an unspecified binary behavior in Internet Explorer. The issue is documented as CVE-2011-3397 ...

9.3CVSS8AI score0.19804EPSS
CVE
CVE
added 2012/02/14 10:0 p.m.71 views

CVE-2012-0154

CVE-2012-0154 is a local Privilege Escalation in Windows kernel-mode driver win32k.sys (Keyboard Layout Use After Free). Affected: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2/R2 SP1, and Windows 7 Gold/SP1. Root cause: use-after-free in keyboard layo...

7.2CVSS6.4AI score0.01845EPSS
CVE
CVE
added 2005/03/29 5:0 a.m.70 views

CVE-2005-0904

CVE-2005-0904 affects Windows XP SP1 Remote Desktop. The issue is that the system does not verify the setting “Force shutdown from a remote system,” which allows a remote attacker to shut down the host by executing TSShutdn.exe. The vulnerability details in the connected data confirm this behavio...

2.1CVSS6.7AI score0.07047EPSS
Total number of security vulnerabilities663