663 matches found
CVE-2011-1883
CVE-2011-1883 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) across Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 SP1. The flaw stems from incorrect driver object management in kernel-mode, enabling local privilege escalation to ...
CVE-2011-1886
CVE-2011-1886: Information-disclosure in Win32k.sys (Windows XP SP3 kernel-mode driver) due to improper validation of function parameters, enabling local users to read kernel memory via a crafted application that triggers a NULL pointer dereference. Affected component is Win32k.sys; impact is ker...
CVE-2012-0157
CVE-2012-0157 affects Windows kernel Win32k.sys, where local users can elevate privileges by crafting inputs to PostMessage. Public sources (MS12-018) and multiple vulnerability feeds confirm a kernel-mode privilege-escalation flaw exploitable via PostMessage handling in win32k.sys on affected Wi...
CVE-2012-2530
CVE-2012-2530 is a local privilege-escalation vulnerability in the Windows kernel component win32k.sys (kernel-mode drivers). The issue is described as a use-after-free condition in win32k.sys that affects multiple Windows platforms, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows ...
CVE-2013-1257
The CVE-2013-1257 issue is a race condition in the Windows kernel‑mode driver win32k.sys that affects multiple Windows variants (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, and Windows 7 SP0/SP1). The underlying vulnerability allows local attackers to escalate privileges and r...
CVE-2013-1275
The CVE-2013-1275 issue is a race condition in the win32k.sys kernel-mode driver on multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). Exploitation enables local users to gain privileges and read arbitrary kernel memory via a crafted applica...
CVE-2002-0034
The CVE-2002-0034 issue concerns Microsoft CONVERT.EXE on Windows 2000/XP when converting FAT32 to NTFS. The vulnerability arises because default NTFS permissions are not applied during conversion, potentially producing a filesystem with less secure permissions than expected. Public sources (NVD/...
CVE-2003-0660
The CVE-2003-0660 issue is a vulnerability in the Authenticode verification mechanism used by Windows NT through Server 2003. Under low-memory conditions, an ActiveX control could be downloaded and installed without prompting the user, enabling remote code execution with the user’s privileges whe...
CVE-2006-0006
CVE-2006-0006 is a heap-based buffer overflow in Windows Media Player’s bitmap processing. A crafted BMP can trigger an overflow when the file declares a size of 0, allowing remote code execution. Affected products/versions include Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on W...
CVE-2007-1946
CVE-2007-1946 is described as an integer overflow in Windows Explorer on Windows XP SP1 that could allow denial of service and possibly arbitrary code execution via a crafted BMP image (w4intof.bmp). The connected OpenVAS and FreeBSD VuXML entries reference BMP/image parsing-related overflow issu...
CVE-2009-0082
CVE-2009-0082 is a Windows kernel local privilege-escalation vulnerability caused by improper validation of handles when performing certain actions. Affected systems include Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista (Gold/SP1), and Server 2008. An attacker with valid logon credenti...
CVE-2009-2529
CVE-2009-2529 affects Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1, 7, and 8. The vulnerability arises from improper argument validation for unspecified variables in HTML component handling, enabling remote code execution via a crafted HTML document. Public information in connected KB ...
CVE-2010-0820
CVE-2010-0820 is an LSASS heap overflow vulnerability affecting Active Directory, ADAM, and AD LDS. An authenticated attacker could exploit specially crafted LDAP messages sent to a listening LSASS service to achieve code execution with elevated privileges. The vulnerability impacts multiple Wind...
CVE-2011-0087
The CVE-2011-0087 issue concerns the Windows kernel-mode driver win32k.sys, where user-mode input is not properly validated. This enables local privilege escalation, potentially allowing an attacker to gain complete control of the affected system. Affected products include Windows XP (SP2/SP3), S...
CVE-2011-1241
The CVE-2011-1241 entry details a use-after-free in the Windows kernel-mode driver Win32k.sys that can allow local privilege escalation via crafted code, due to incorrect driver object management. Affected products/versions include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP...
CVE-2011-1283
The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...
CVE-2011-1875
CVE-2011-1875 is a use-after-free vulnerability in win32k.sys within kernel-mode drivers that enables local privilege escalation by exploiting incorrect driver object management. Affected systems include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/...
CVE-2011-1881
CVE-2011-1881 affects Windows kernel-mode drivers, specifically win32k.sys, with a NULL pointer dereference vulnerability that enables local privilege escalation. Affected products include Windows XP SP2–SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2 and R2 S...
CVE-2012-1893
CVE-2012-1893 affects a Windows kernel-mode component, specifically the win32k.sys driver. The vulnerability arises from improper validation of callback parameters when creating a hook procedure, enabling local users to escalate privileges by crafting a malicious application. Affected products in...
CVE-2013-1260
CVE-2013-1260 is a race condition in the Windows win32k.sys kernel-mode driver that enables local privilege escalation and reading arbitrary kernel memory. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP2), Windows Server 2008 (SP2 and R2 SP1), and Win...
CVE-2013-1342
Technical details for CVE-2013-1342 are not publicly available in the provided Connected documents. The initial description contains general vulnerability information only. Monitor for updates from official advisories and vendor advisories to obtain affected products, impact, and remediation spec...
CVE-2013-3136
CVE-2013-3136 describes a local information-disclosure vulnerability in the Windows kernel on 32-bit Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, and Windows 8. The issue stems from how the kernel handles unspecified page-fault system calls, allowing a crafted local...
CVE-2013-3866
CVE-2013-3866 is a Windows kernel‑mode driver privilege escalation in Win32k.sys affecting multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8, Server 2012, Windows RT). The root cause is a crafted application that allows local users to gain...
CVE-2004-0123
CVE-2004-0123 (ASN.1 “Double Free”) affects Windows platforms including NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The issue is a potential memory-management error caused by a possible double-free condition in the Microsoft ASN.1 Library, which could lead to memory corruption and,...
CVE-2004-0208
CVE-2004-0208 is a local privilege-elevation vulnerability in the Windows kernel/VDM subsystem. The Windows Virtual DOS Machine (VDM) component could allow an authenticated, locally logged-on attacker to gain kernel privileges by executing code in memory areas not properly validated when handling...
CVE-2004-1361
The CVE-2004-1361 issue affects Microsoft Windows where winhlp32.exe parses help files (.hlp). Affected: Windows NT, Windows 2000 (SP4), Windows XP (SP2), Windows 2003; vulnerability arises from an integer/length miscalculation in handling .hlp content, causing a heap-based buffer overflow. Conse...
CVE-2005-1980
CVE-2005-1980 corresponds to the MSDTC TIP Denial of Service vulnerability described in Microsoft Security Bulletin MS05-051 (CAN-2005-1980). The flaw affects MSDTC TIP processing, enabling a remote attacker to cause the DTC service to stop responding by sending a crafted TIP message. Microsoft l...
CVE-2006-0008
The CVE-2006-0008 issue affects the Korean Input Method Editor (IME) on Windows XP SP1/SP2, Windows Server 2003 up to SP1, and Office 2003. A privilege-elevation flaw exists in the Korean IME; an attacker who can log on (locally or via Remote Desktop/Terminal Services) could exploit the ShellAbou...
CVE-2006-5614
CVE-2006-5614 concerns Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2 with Internet Connection Sharing enabled. The vulnerability allows remote attackers to trigger a denial-of-service (svchost.exe crash) by sending a malformed DNS query that leads to a null pointer dere...
CVE-2006-5758
CVE-2006-5758 is a local elevation of privilege vulnerability in the Windows Graphics Rendering Engine (GDI) across Windows 2000 SP4 and Windows XP SP2. The underlying issue is how GDI Kernel structures are mapped into a global shared memory section created with insecure permissions: the section ...
CVE-2007-0210
The CVE-2007-0210 entry corresponds to a local privilege-escalation vulnerability in Windows XP SP2’s Windows Image Acquisition (WIA) service caused by an unchecked buffer. A logged-on attacker could gain complete control by starting a crafted application that abuses WIA (no remote/anonymous expl...
CVE-2007-2218
CVE-2007-2218 maps to a heap corruption/remote code execution vulnerability in the Windows Schannel security package. MS07-031 describes an issue where server-sent digital signatures are not adequately checked during the SSL handshake, allowing a remote attacker to execute code (browser or app us...
CVE-2007-5133
Microsoft Windows Explorer (explorer.exe) is affected by CVE-2007-5133. A crafted PNG file with a large tEXt chunk may trigger an integer overflow in PNG chunk size handling, allowing user‑assisted remote attackers to cause a denial of service (CPU consumption). The connected sources explicitly d...
CVE-2010-0237
Technical details such as affected products, versions, and fixes for CVE-2010-0237 are not provided in the supplied documents; only the high-level description is present. Monitor for updates.
CVE-2010-3942
CVE-2010-3942 affects Windows kernel-mode driver win32k.sys, where memory allocation for copies from user mode is flawed, enabling local privilege escalation on affected Windows versions (XP SP2/SP3, 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). Connected sources corroborate t...
CVE-2011-0045
CVE-2011-0045 affects the Windows XP SP3 kernel “Trace Events” subsystem, specifically the WmiTraceMessageVa path. The vulnerability arises from improper type conversion that causes integer truncation, leading to insufficient memory allocation and a resulting buffer overflow. Exploitation enables...
CVE-2011-1236
CVE-2011-1236 is a use-after-free vulnerability in win32k.sys (kernel-mode driver) affecting multiple Windows OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). The issue arises from incorrect driver object management in the Win32k subsys...
CVE-2011-1239
CVE-2011-1239 is a use-after-free vulnerability in the Windows kernel-mode driver win32k.sys that allows local privilege escalation. A crafted action exploits incorrect driver object management to gain full control. Affected products/versions include Windows XP (SP2, SP3), Windows Server 2003 (SP...
CVE-2011-1242
CVE-2011-1242 is a Win32k.sys use-after-free local privilege-escalation vulnerability. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, and Windows 7 SP1. Cause: incorrect management of kernel-mode driver objects in win32k.sys leading to use-after-free...
CVE-2011-1869
The CVE-2011-1869 issue affects the Distributed File System (DFS) implementation on multiple Windows platforms (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). A crafted DFS referral response can be sent by a remote ...
CVE-2011-1878
CVE-2011-1878 is a use-after-free vulnerability in win32k.sys, the kernel-mode driver component of Windows. A crafted local access application can trigger improper driver object management, enabling a local user to escalate privileges. Affected products include Windows XP SP2/SP3, Windows Server ...
CVE-2013-1250
CVE-2013-1250 is a race-condition-based local privilege-escalation flaw in the Windows kernel-mode driver win32k.sys. Affected software (per PT-2013-3009) includes Windows XP SP2–SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2–R2 SP1, and Windows 7 Gold–SP1. The vulnerabi...
CVE-2013-3196
The CVE-2013-3198 entry concerns the NTVDM kernel component in 32‑bit Windows platforms (XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Windows 8). The vulnerability arises from improper validation of kernel‑memory addresses in NTVDM, enabling local users to gain privileges o...
CVE-2002-0283
CVE-2002-0283 affects Windows XP where an attacker can induce CPU consumption (DoS) by sending a flood of TCP SYN packets with possibly malformed data to port 445 (SMB). This is a network-vector, low-complexity attack requiring no authentication, with the impact described as partial availability....
CVE-2002-0694
The CVE-2002-0694 issue is tied to an unchecked buffer in Windows Help (Q323255) that affected Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP. Root cause: a vulnerability in the HTML Help facility could allow a remote attack...
CVE-2003-0112
CVE-2003-0112 corresponds to a local privilege‑escalation in the Windows kernel. Technical details from connected docs show a buffer/stack overflow in ntoskrnl.exe related to debugging message handling (LpcRequestWaitReplyPort), enabling a local attacker to execute code with kernel privileges. Af...
CVE-2004-0839
CVE-2004-0839 is the IE Drag-and-Drop Vulnerability. The connected docs show it as a publicly disclosed CAN-2005-0053 vulnerability, which was addressed by Microsoft security updates MS05-014 and related MS05-008. The vulnerability arises from Internet Explorer handling drag-and-drop events, allo...
CVE-2005-0057
Microsoft’s MS05-015 fixes a remote code execution flaw in the Hyperlink Object Library (Hlink.dll) affecting Windows 98, 2000, XP, and Server 2003. The vulnerability arises from an unchecked buffer when handling hyperlinks, potentially allowing arbitrary code execution if a user clicks a crafted...
CVE-2005-2307
CVE-2005-2307 is a denial-of-service vulnerability in the Windows Network Connection Manager (Network Connection Manager) where a web or local attacker could crash the Network Connections Service by sending a specially crafted input to netman.dll. The issue affects the Network Connection Manager ...
CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1/SP2, and Windows Server 2003 SP1 is affected. A vulnerability in the rendering path (DIV containing a malformed IMG tag) combined with a malformed CSS/HTML file can trigger a null dereference, causing a remot...