Max CVSS 10.0 Min CVSS 4.3 Total Count22
IDCVSSSummaryLast (major) updatePublished
CVE-2011-0030 4.7
The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted applicatio
14-02-2013 - 00:00 08-02-2011 - 20:00
CVE-2011-0045 7.2
The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain pr
21-09-2011 - 00:00 08-02-2011 - 20:00
CVE-2011-0038 9.3
Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "I
20-07-2011 - 00:00 10-02-2011 - 11:00
CVE-2011-0093 9.3
ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Da
18-07-2011 - 22:42 10-02-2011 - 11:00
CVE-2011-0091 6.4
Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not prevent a session from changing from strong encryption to DES encryption, which allows man-in-the-middle attackers to spoof network traffic and obtain sensitive information via a DES
18-07-2011 - 22:42 10-02-2011 - 11:00
CVE-2011-0090 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users t
18-07-2011 - 22:42 08-02-2011 - 20:00
CVE-2011-0089 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users t
18-07-2011 - 22:42 08-02-2011 - 20:00
CVE-2011-0088 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users t
18-07-2011 - 22:42 08-02-2011 - 20:00
CVE-2011-0087 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted applicat
18-07-2011 - 22:42 08-02-2011 - 20:00
CVE-2011-0086 7.2
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users t
18-07-2011 - 22:42 08-02-2011 - 20:00
CVE-2011-0043 7.2
Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Ker
18-07-2011 - 22:42 10-02-2011 - 11:00
CVE-2011-0040 5.0
The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a c
18-07-2011 - 22:42 08-02-2011 - 20:00
CVE-2011-0039 7.2
The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LS
18-07-2011 - 22:42 08-02-2011 - 20:00
CVE-2011-0035 9.3
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
18-07-2011 - 22:42 10-02-2011 - 11:00
CVE-2011-0033 9.3
The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts,
18-07-2011 - 22:42 10-02-2011 - 11:00
CVE-2010-4398 7.2
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain
18-07-2011 - 22:41 06-12-2010 - 08:44
CVE-2010-3972 10.0
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a den
18-07-2011 - 22:41 23-12-2010 - 13:00
CVE-2010-3971 9.3
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code
18-07-2011 - 22:40 22-12-2010 - 16:00
CVE-2010-3970 9.3
Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and
18-07-2011 - 00:00 22-12-2010 - 16:00
CVE-2011-0031 4.3
The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsoft Windows Server 2008 R2 and Windows 7 do not properly load decoded scripts obtained from web pages, which allows remote attackers to trigger memory corruption and consequently obt
18-07-2011 - 00:00 08-02-2011 - 20:00
CVE-2011-0036 9.3
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
18-07-2011 - 00:00 10-02-2011 - 11:00
CVE-2011-0092 9.3
The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler
18-07-2011 - 00:00 10-02-2011 - 11:00
Back to Top Mark selected
Back to Top