663 matches found
CVE-2006-0006
CVE-2006-0006 is a heap-based buffer overflow in Windows Media Player’s bitmap processing. A crafted BMP can trigger an overflow when the file declares a size of 0, allowing remote code execution. Affected products/versions include Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on W...
CVE-2010-0820
CVE-2010-0820 is an LSASS heap overflow vulnerability affecting Active Directory, ADAM, and AD LDS. An authenticated attacker could exploit specially crafted LDAP messages sent to a listening LSASS service to achieve code execution with elevated privileges. The vulnerability impacts multiple Wind...
CVE-2010-2740
The CVE-2010-2740 entry corresponds to two Windows OpenType Font (OTF) format driver vulnerabilities (CVE-2010-2740 and CVE-2010-2741) affecting Windows XP SP2/SP3 and Windows Server 2003 SP2. The OpenType Font (OTF) format driver is vulnerable in how it allocates memory when parsing specially cr...
CVE-2011-0030
CVE-2011-0030 describes a CSRSS Elevation of Privilege vulnerability in Windows XP SP2/SP3 and Windows Server 2003 SP2. The Client/Server Run-time Subsystem (CSRSS) does not properly terminate processes after a user logs out, allowing a local attacker to keep a crafted process running into the ne...
CVE-2011-0042
The CVE-2011-0042 issue affects Windows Media Player/Windows Media Center where SBE.dll in the Stream Buffer Engine mis-parses DVR-MS files. This parsing flaw can enable remote code execution via a crafted DVR-MS file on multiple Windows versions (XP SP2/SP3, XP MCE 2005 SP3, Vista SP1/SP2, Windo...
CVE-2011-0087
The CVE-2011-0087 issue concerns the Windows kernel-mode driver win32k.sys, where user-mode input is not properly validated. This enables local privilege escalation, potentially allowing an attacker to gain complete control of the affected system. Affected products include Windows XP (SP2/SP3), S...
CVE-2011-0658
CVE-2011-0658 corresponds to Microsoft Windows OLE Automation Remote Code Execution via a malformed WMF in oleaut32.dll. Public sources (MS11-038) and multiple security analyses describe an integer underflow in the WMF parsing path, leading to arbitrary code execution when a user opens a crafted ...
CVE-2011-1230
CVE-2011-1230 affects Windows kernel components, specifically win32k.sys in the kernel-mode drivers. The vulnerability is a NULL pointer de-reference in win32k.sys, leading to local privilege escalation. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP1...
CVE-2011-1238
CVE-2011-1238 describes a use-after-free bug in the Windows kernel driver component win32k.sys. The issue affects multiple Windows lineages (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold, R2, and R2 SP1, and Windows 7 Gold/SP1) and is triggered by incorrect management of kernel-mod...
CVE-2011-1283
The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...
CVE-2011-1883
CVE-2011-1883 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) across Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 SP1. The flaw stems from incorrect driver object management in kernel-mode, enabling local privilege escalation to ...
CVE-2011-1886
CVE-2011-1886: Information-disclosure in Win32k.sys (Windows XP SP3 kernel-mode driver) due to improper validation of function parameters, enabling local users to read kernel memory via a crafted application that triggers a NULL pointer dereference. Affected component is Win32k.sys; impact is ker...
CVE-2013-1257
The CVE-2013-1257 issue is a race condition in the Windows kernel‑mode driver win32k.sys that affects multiple Windows variants (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, and Windows 7 SP0/SP1). The underlying vulnerability allows local attackers to escalate privileges and r...
CVE-2013-1275
The CVE-2013-1275 issue is a race condition in the win32k.sys kernel-mode driver on multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). Exploitation enables local users to gain privileges and read arbitrary kernel memory via a crafted applica...
CVE-2013-1342
Technical details for CVE-2013-1342 are not publicly available in the provided Connected documents. The initial description contains general vulnerability information only. Monitor for updates from official advisories and vendor advisories to obtain affected products, impact, and remediation spec...
CVE-2013-3136
CVE-2013-3136 describes a local information-disclosure vulnerability in the Windows kernel on 32-bit Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, and Windows 8. The issue stems from how the kernel handles unspecified page-fault system calls, allowing a crafted local...
CVE-2002-0034
The CVE-2002-0034 issue concerns Microsoft CONVERT.EXE on Windows 2000/XP when converting FAT32 to NTFS. The vulnerability arises because default NTFS permissions are not applied during conversion, potentially producing a filesystem with less secure permissions than expected. Public sources (NVD/...
CVE-2003-0660
The CVE-2003-0660 issue is a vulnerability in the Authenticode verification mechanism used by Windows NT through Server 2003. Under low-memory conditions, an ActiveX control could be downloaded and installed without prompting the user, enabling remote code execution with the user’s privileges whe...
CVE-2004-0123
CVE-2004-0123 (ASN.1 “Double Free”) affects Windows platforms including NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The issue is a potential memory-management error caused by a possible double-free condition in the Microsoft ASN.1 Library, which could lead to memory corruption and,...
CVE-2005-1980
CVE-2005-1980 corresponds to the MSDTC TIP Denial of Service vulnerability described in Microsoft Security Bulletin MS05-051 (CAN-2005-1980). The flaw affects MSDTC TIP processing, enabling a remote attacker to cause the DTC service to stop responding by sending a crafted TIP message. Microsoft l...
CVE-2007-5133
Microsoft Windows Explorer (explorer.exe) is affected by CVE-2007-5133. A crafted PNG file with a large tEXt chunk may trigger an integer overflow in PNG chunk size handling, allowing user‑assisted remote attackers to cause a denial of service (CPU consumption). The connected sources explicitly d...
CVE-2011-1239
CVE-2011-1239 is a use-after-free vulnerability in the Windows kernel-mode driver win32k.sys that allows local privilege escalation. A crafted action exploits incorrect driver object management to gain full control. Affected products/versions include Windows XP (SP2, SP3), Windows Server 2003 (SP...
CVE-2011-1241
The CVE-2011-1241 entry details a use-after-free in the Windows kernel-mode driver Win32k.sys that can allow local privilege escalation via crafted code, due to incorrect driver object management. Affected products/versions include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP...
CVE-2011-1242
CVE-2011-1242 is a Win32k.sys use-after-free local privilege-escalation vulnerability. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, and Windows 7 SP1. Cause: incorrect management of kernel-mode driver objects in win32k.sys leading to use-after-free...
CVE-2011-1875
CVE-2011-1875 is a use-after-free vulnerability in win32k.sys within kernel-mode drivers that enables local privilege escalation by exploiting incorrect driver object management. Affected systems include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/...
CVE-2011-1881
CVE-2011-1881 affects Windows kernel-mode drivers, specifically win32k.sys, with a NULL pointer dereference vulnerability that enables local privilege escalation. Affected products include Windows XP SP2–SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2 and R2 S...
CVE-2012-1893
CVE-2012-1893 affects a Windows kernel-mode component, specifically the win32k.sys driver. The vulnerability arises from improper validation of callback parameters when creating a hook procedure, enabling local users to escalate privileges by crafting a malicious application. Affected products in...
CVE-2013-1260
CVE-2013-1260 is a race condition in the Windows win32k.sys kernel-mode driver that enables local privilege escalation and reading arbitrary kernel memory. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP2), Windows Server 2008 (SP2 and R2 SP1), and Win...
CVE-2013-3866
CVE-2013-3866 is a Windows kernel‑mode driver privilege escalation in Win32k.sys affecting multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8, Server 2012, Windows RT). The root cause is a crafted application that allows local users to gain...
CVE-2004-0208
CVE-2004-0208 is a local privilege-elevation vulnerability in the Windows kernel/VDM subsystem. The Windows Virtual DOS Machine (VDM) component could allow an authenticated, locally logged-on attacker to gain kernel privileges by executing code in memory areas not properly validated when handling...
CVE-2004-1361
The CVE-2004-1361 issue affects Microsoft Windows where winhlp32.exe parses help files (.hlp). Affected: Windows NT, Windows 2000 (SP4), Windows XP (SP2), Windows 2003; vulnerability arises from an integer/length miscalculation in handling .hlp content, causing a heap-based buffer overflow. Conse...
CVE-2006-0005
The CVE-2006-0005 vulnerability is a buffer overflow in the Windows Media Player plug-in (npdsplay.dll) used by non‑Microsoft browsers. When a user views HTML containing an EMBED tag with a long src attribute, it may allow remote code execution in the user’s context. Affected software includes Wi...
CVE-2006-0008
The CVE-2006-0008 issue affects the Korean Input Method Editor (IME) on Windows XP SP1/SP2, Windows Server 2003 up to SP1, and Office 2003. A privilege-elevation flaw exists in the Korean IME; an attacker who can log on (locally or via Remote Desktop/Terminal Services) could exploit the ShellAbou...
CVE-2006-5614
CVE-2006-5614 concerns Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2 with Internet Connection Sharing enabled. The vulnerability allows remote attackers to trigger a denial-of-service (svchost.exe crash) by sending a malformed DNS query that leads to a null pointer dere...
CVE-2006-5758
CVE-2006-5758 is a local elevation of privilege vulnerability in the Windows Graphics Rendering Engine (GDI) across Windows 2000 SP4 and Windows XP SP2. The underlying issue is how GDI Kernel structures are mapped into a global shared memory section created with insecure permissions: the section ...
CVE-2007-0210
The CVE-2007-0210 entry corresponds to a local privilege-escalation vulnerability in Windows XP SP2’s Windows Image Acquisition (WIA) service caused by an unchecked buffer. A logged-on attacker could gain complete control by starting a crafted application that abuses WIA (no remote/anonymous expl...
CVE-2007-2218
CVE-2007-2218 maps to a heap corruption/remote code execution vulnerability in the Windows Schannel security package. MS07-031 describes an issue where server-sent digital signatures are not adequately checked during the SSL handshake, allowing a remote attacker to execute code (browser or app us...
CVE-2010-0237
Technical details such as affected products, versions, and fixes for CVE-2010-0237 are not provided in the supplied documents; only the high-level description is present. Monitor for updates.
CVE-2010-3942
CVE-2010-3942 affects Windows kernel-mode driver win32k.sys, where memory allocation for copies from user mode is flawed, enabling local privilege escalation on affected Windows versions (XP SP2/SP3, 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7). Connected sources corroborate t...
CVE-2011-0045
CVE-2011-0045 affects the Windows XP SP3 kernel “Trace Events” subsystem, specifically the WmiTraceMessageVa path. The vulnerability arises from improper type conversion that causes integer truncation, leading to insufficient memory allocation and a resulting buffer overflow. Exploitation enables...
CVE-2011-1236
CVE-2011-1236 is a use-after-free vulnerability in win32k.sys (kernel-mode driver) affecting multiple Windows OS versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). The issue arises from incorrect driver object management in the Win32k subsys...
CVE-2011-1868
The CVE-2011-1868 issue affects Microsoft Windows DFS (Distributed File System) implementations on Windows XP SP2/SP3 and Windows Server 2003 SP2. The root cause is improper validation of fields in DFS responses, allowing remote DFS servers to cause arbitrary code execution via crafted responses ...
CVE-2011-1869
The CVE-2011-1869 issue affects the Distributed File System (DFS) implementation on multiple Windows platforms (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, Windows Server 2008 Gold/SP2/R2/R2 SP1, Windows 7 Gold/SP1). A crafted DFS referral response can be sent by a remote ...
CVE-2011-1878
CVE-2011-1878 is a use-after-free vulnerability in win32k.sys, the kernel-mode driver component of Windows. A crafted local access application can trigger improper driver object management, enabling a local user to escalate privileges. Affected products include Windows XP SP2/SP3, Windows Server ...
CVE-2013-1250
CVE-2013-1250 is a race-condition-based local privilege-escalation flaw in the Windows kernel-mode driver win32k.sys. Affected software (per PT-2013-3009) includes Windows XP SP2–SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2–R2 SP1, and Windows 7 Gold–SP1. The vulnerabi...
CVE-2013-3196
The CVE-2013-3198 entry concerns the NTVDM kernel component in 32‑bit Windows platforms (XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, Windows 8). The vulnerability arises from improper validation of kernel‑memory addresses in NTVDM, enabling local users to gain privileges o...
CVE-2002-0283
CVE-2002-0283 affects Windows XP where an attacker can induce CPU consumption (DoS) by sending a flood of TCP SYN packets with possibly malformed data to port 445 (SMB). This is a network-vector, low-complexity attack requiring no authentication, with the impact described as partial availability....
CVE-2002-0694
The CVE-2002-0694 issue is tied to an unchecked buffer in Windows Help (Q323255) that affected Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP. Root cause: a vulnerability in the HTML Help facility could allow a remote attack...
CVE-2003-0112
CVE-2003-0112 corresponds to a local privilege‑escalation in the Windows kernel. Technical details from connected docs show a buffer/stack overflow in ntoskrnl.exe related to debugging message handling (LpcRequestWaitReplyPort), enabling a local attacker to execute code with kernel privileges. Af...
CVE-2004-0839
CVE-2004-0839 is the IE Drag-and-Drop Vulnerability. The connected docs show it as a publicly disclosed CAN-2005-0053 vulnerability, which was addressed by Microsoft security updates MS05-014 and related MS05-008. The vulnerability arises from Internet Explorer handling drag-and-drop events, allo...