Windows Xp Security Vulnerabilities and Issues — Windows Xp CVE List

Lucene search

MicrosoftWindows Xp

10 matches found

CVE•added 2007/04/10 9:19 p.m.•61 views

CVE-2007-1204

Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption.

6.8CVSS7.9AI score0.05944EPSS

CVE•added 2007/04/11 1:19 a.m.•52 views

CVE-2007-1946

Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp.

10CVSS7.7AI score0.39645EPSS

CVE•added 2007/04/10 9:19 p.m.•51 views

CVE-2007-1206

The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions (PAGE_READWRITE) for a physical memory view, which allows local users to gain privileges by modifying...

7.2CVSS6AI score0.01722EPSS

CVE•added 2007/04/10 9:19 p.m.•49 views

CVE-2007-1205

Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.

9.3CVSS7.4AI score0.61977EPSS

CVE•added 2007/04/04 4:19 p.m.•49 views

CVE-2007-1215

Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.

7.2CVSS6.5AI score0.0278EPSS

CVE•added 2007/04/04 4:19 p.m.•48 views

CVE-2007-1211

Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a...

7.1CVSS6.1AI score0.90524EPSS

CVE•added 2007/04/10 11:19 p.m.•43 views

CVE-2007-1912

Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.

6.8CVSS7AI score0.21615EPSS

CVE•added 2007/04/04 4:19 p.m.•42 views

CVE-2006-5586

The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."

7.2CVSS6.5AI score0.01313EPSS

CVE•added 2007/04/04 4:19 p.m.•42 views

CVE-2007-1212

Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file.

6.6CVSS6.3AI score0.02795EPSS

CVE•added 2007/04/30 11:19 p.m.•39 views

CVE-2007-2374

Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source...

9.3CVSS7.4AI score0.39655EPSS