Max CVSS 10.0 Min CVSS 2.1 Total Count376
IDCVSSSummaryLast (major) updatePublished
CVE-2006-0010 9.3
Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded
18-11-2016 - 21:59 10-01-2006 - 17:03
CVE-2008-1087 9.3
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflo
08-11-2016 - 13:13 08-04-2008 - 19:05
CVE-2008-1453 8.3
The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.
08-11-2016 - 13:06 11-06-2008 - 22:32
CVE-2008-3008 9.3
Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Me
08-11-2016 - 13:02 10-09-2008 - 21:11
CVE-2008-1444 9.3
Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the
08-11-2016 - 12:00 11-06-2008 - 22:32
CVE-2008-2947 6.8
Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.hre
08-11-2016 - 11:57 30-06-2008 - 18:41
CVE-2008-2253 9.3
Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Samp
08-11-2016 - 11:42 10-09-2008 - 21:10
CVE-2008-1086 9.3
The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, wh
08-11-2016 - 11:39 08-04-2008 - 19:05
CVE-2008-1083 9.3
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a mal
08-11-2016 - 11:27 08-04-2008 - 19:05
CVE-2008-0087 8.8
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
08-11-2016 - 11:04 08-04-2008 - 19:05
CVE-2008-0011 9.3
Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a c
08-11-2016 - 11:01 11-06-2008 - 22:32
CVE-2008-1442 9.3
Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code, related to an unspecified manipulation of a DOM object before a call to this method, aka the "HTML Object
07-11-2016 - 17:26 11-06-2008 - 22:32
CVE-2005-2127 7.5
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for
07-11-2016 - 17:18 19-08-2005 - 00:00
CVE-2005-2829 5.1
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the dis
17-10-2016 - 23:30 14-12-2005 - 06:03
CVE-2005-2087 5.0
Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedd
17-10-2016 - 23:24 05-07-2005 - 00:00
CVE-2005-1987 7.5
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstra
17-10-2016 - 23:23 13-10-2005 - 06:02
CVE-2005-1790 2.6
Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "M
17-10-2016 - 23:22 01-06-2005 - 00:00
CVE-2005-1218 5.0
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
17-10-2016 - 23:18 10-08-2005 - 00:00
CVE-2005-0803 5.0
The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be
17-10-2016 - 23:14 02-05-2005 - 00:00
CVE-2005-0688 5.0
Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence o
17-10-2016 - 23:13 05-03-2005 - 00:00
CVE-2005-0063 7.5
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML App
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0060 7.2
Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0047 7.2
Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0045 7.5
The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2)
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2004-1305 5.0
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory ad
17-10-2016 - 22:53 23-12-2004 - 00:00
CVE-2004-1080 10.0
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS re
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1060 5.0
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment w
17-10-2016 - 22:51 12-04-2004 - 00:00
CVE-2004-1049 5.1
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and I
17-10-2016 - 22:50 31-12-2004 - 00:00
CVE-2004-0790 5.0
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have
17-10-2016 - 22:49 12-04-2005 - 00:00
CVE-2004-0575 10.0
Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unche
17-10-2016 - 22:46 03-11-2004 - 00:00
CVE-2004-0574 10.0
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, poss
17-10-2016 - 22:46 03-11-2004 - 00:00
CVE-2004-0568 10.0
HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious
17-10-2016 - 22:46 10-01-2005 - 00:00
CVE-2004-0230 5.0
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that u
17-10-2016 - 22:42 18-08-2004 - 00:00
CVE-2004-0212 10.0
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Interne
17-10-2016 - 22:41 06-08-2004 - 00:00
CVE-2004-0206 7.5
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or appl
17-10-2016 - 22:41 03-11-2004 - 00:00
CVE-2004-0199 5.1
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability
17-10-2016 - 22:41 14-06-2004 - 00:00
CVE-2003-0907 5.1
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr
17-10-2016 - 22:38 01-06-2004 - 00:00
CVE-2003-0822 7.5
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
17-10-2016 - 22:37 15-12-2003 - 00:00
CVE-2003-0818 7.5
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encod
17-10-2016 - 22:37 03-03-2004 - 00:00
CVE-2003-0813 5.1
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one th
17-10-2016 - 22:37 17-11-2003 - 00:00
CVE-2003-0812 7.5
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated
17-10-2016 - 22:37 15-12-2003 - 00:00
CVE-2003-0718 5.0
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML element
17-10-2016 - 22:36 03-11-2004 - 00:00
CVE-2003-0717 7.5
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
17-10-2016 - 22:36 17-11-2003 - 00:00
CVE-2003-0715 10.0
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a d
17-10-2016 - 22:36 17-09-2003 - 00:00
CVE-2003-0711 7.5
Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.
17-10-2016 - 22:36 17-11-2003 - 00:00
CVE-2003-0659 7.2
Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
17-10-2016 - 22:36 17-11-2003 - 00:00
CVE-2003-0605 7.5
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject int
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0533 7.5
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and
17-10-2016 - 22:35 01-06-2004 - 00:00
CVE-2003-0528 10.0
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CV
17-10-2016 - 22:35 17-09-2003 - 00:00
CVE-2003-0352 7.5
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
17-10-2016 - 22:32 18-08-2003 - 00:00
CVE-2003-0350 4.6
The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility M
17-10-2016 - 22:32 18-08-2003 - 00:00
CVE-2003-0306 7.2
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.
17-10-2016 - 22:32 09-06-2003 - 00:00
CVE-2003-0225 5.0
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory cons
17-10-2016 - 22:30 09-06-2003 - 00:00
CVE-2003-0224 10.0
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer
17-10-2016 - 22:30 09-06-2003 - 00:00
CVE-2003-0109 7.5
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0010 7.5
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a lar
17-10-2016 - 22:28 24-03-2003 - 00:00
CVE-2002-0863 5.0
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0862 7.5
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express f
17-10-2016 - 22:22 04-10-2002 - 00:00
CVE-2002-0724 7.5
Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServer
17-10-2016 - 22:21 24-09-2002 - 00:00
CVE-2002-0693 7.5
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long
17-10-2016 - 22:21 10-10-2002 - 00:00
CVE-2002-0648 5.0
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.
17-10-2016 - 22:21 24-09-2002 - 00:00
CVE-2002-0367 7.2
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, a
17-10-2016 - 22:19 25-06-2002 - 00:00
CVE-2002-0364 7.5
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
17-10-2016 - 22:19 03-07-2002 - 00:00
CVE-2002-0151 7.2
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
17-10-2016 - 22:16 04-04-2002 - 00:00
CVE-2002-0079 7.5
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
17-10-2016 - 22:15 22-04-2002 - 00:00
CVE-2002-0075 7.5
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
17-10-2016 - 22:15 22-04-2002 - 00:00
CVE-2002-0073 5.0
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
17-10-2016 - 22:15 22-04-2002 - 00:00
CVE-2002-0071 7.5
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
17-10-2016 - 22:15 22-04-2002 - 00:00
CVE-2002-0070 7.6
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
17-10-2016 - 22:15 15-03-2002 - 00:00
CVE-2002-0055 5.0
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2001-0879 5.0
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
17-10-2016 - 22:12 20-12-2001 - 00:00
CVE-2001-0333 7.5
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
17-10-2016 - 22:10 27-06-2001 - 00:00
CVE-2001-0241 10.0
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
17-10-2016 - 22:10 27-06-2001 - 00:00
CVE-2001-0154 7.5
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
17-10-2016 - 22:10 03-05-2001 - 00:00
CVE-2008-4033 4.3
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the
10-08-2015 - 10:56 12-11-2008 - 18:30
CVE-2008-3466 10.0
Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or
14-07-2015 - 13:48 14-10-2008 - 20:12
CVE-2007-0218 9.3
Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.
07-09-2013 - 01:19 12-06-2007 - 15:30
CVE-2007-0040 10.0
The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4, Server 2003 SP1 and SP2, Server 2003 x64 Edition and SP2, and Server 2003 for Itanium-based Systems SP1 and SP2 allows remote attackers to execute arbitrary code via a
25-08-2013 - 01:22 10-07-2007 - 18:30
CVE-2004-0214 10.0
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long s
06-08-2013 - 15:12 03-11-2004 - 00:00
CVE-2000-0778 5.0
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
03-08-2013 - 00:14 20-10-2000 - 00:00
CVE-2005-1990 5.1
Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, inc
01-08-2013 - 00:46 10-08-2005 - 00:00
CVE-2004-0420 10.0
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demo
23-07-2013 - 01:18 07-07-2004 - 00:00
CVE-2010-0249 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote
13-07-2013 - 02:41 15-01-2010 - 12:30
CVE-2007-2222 9.3
Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object tha
05-11-2012 - 22:37 12-06-2007 - 15:30
CVE-2007-1658 9.3
Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at
05-11-2012 - 22:35 24-03-2007 - 15:19
CVE-2007-0038 9.3
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) a
05-11-2012 - 22:30 30-03-2007 - 16:19
CVE-2008-4250 10.0
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during p
30-10-2012 - 23:04 23-10-2008 - 18:00
CVE-2008-4037 9.3
Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as
30-10-2012 - 23:03 12-11-2008 - 18:30
CVE-2008-4029 4.3
Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external
30-10-2012 - 23:03 12-11-2008 - 18:30
CVE-2007-3038 7.8
The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Wi
30-10-2012 - 22:37 10-07-2007 - 18:30
CVE-2007-3027 9.3
Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation V
30-10-2012 - 22:37 12-06-2007 - 15:30
CVE-2007-2229 7.2
Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permis
30-10-2012 - 22:33 12-06-2007 - 15:30
CVE-2007-2227 4.3
The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domai
30-10-2012 - 22:33 12-06-2007 - 17:30
CVE-2007-2225 4.3
A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer
30-10-2012 - 22:33 12-06-2007 - 16:30
CVE-2007-1751 9.3
Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corrupti
30-10-2012 - 22:32 12-06-2007 - 15:30
CVE-2007-1750 9.3
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets (CSS) tag that triggers memory corruption.
30-10-2012 - 22:32 12-06-2007 - 15:30
CVE-2007-1499 4.3
Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote attackers to conduct phishing attacks and possibly execute arbitrary code via a res: URI to navcancl.htm with an arbitrary URL as an argument, which displays the URL in the locatio
30-10-2012 - 22:31 17-03-2007 - 06:19
CVE-2007-0936 9.3
Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that triggers memory corruption, aka "Visio Document Packaging
30-10-2012 - 22:29 12-06-2007 - 15:30
CVE-2007-0934 9.3
Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.
30-10-2012 - 22:29 12-06-2007 - 15:30
CVE-2007-0099 9.3
Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in
30-10-2012 - 22:27 08-01-2007 - 15:28
CVE-2007-0043 9.3
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer,
30-10-2012 - 22:26 10-07-2007 - 18:30
CVE-2007-0041 9.3
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths
30-10-2012 - 22:26 10-07-2007 - 18:30
CVE-2010-0494 4.3
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the cl
14-09-2012 - 13:52 31-03-2010 - 15:30
CVE-2008-2463 6.8
The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine
12-09-2012 - 22:29 07-07-2008 - 19:41
CVE-2008-3013 9.3
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint
18-10-2011 - 00:00 10-09-2008 - 21:11
CVE-2008-2245 9.3
Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2
17-10-2011 - 00:00 12-08-2008 - 20:41
CVE-2007-5348 9.3
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerP
17-10-2011 - 00:00 10-09-2008 - 21:01
CVE-2006-0034 7.5
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code v
17-10-2011 - 00:00 09-05-2006 - 22:14
CVE-2008-3015 9.3
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2,
12-10-2011 - 00:00 10-09-2008 - 21:11
CVE-2006-2218 9.3
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object
11-10-2011 - 00:00 05-05-2006 - 08:46
CVE-2006-1626 4.3
Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a
11-10-2011 - 00:00 05-04-2006 - 06:04
CVE-2008-2258 9.3
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a spec
03-10-2011 - 00:00 13-08-2008 - 08:42
CVE-2008-2257 9.3
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a spec
03-10-2011 - 00:00 13-08-2008 - 08:42
CVE-2008-2254 9.3
Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability."
03-10-2011 - 00:00 13-08-2008 - 08:42
CVE-2006-1192 2.6
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to anot
03-10-2011 - 00:00 11-04-2006 - 19:02
CVE-2005-4360 7.8
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.d
03-10-2011 - 00:00 19-12-2005 - 20:03
CVE-2008-3021 9.3
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field,
27-09-2011 - 00:00 12-08-2008 - 19:41
CVE-2008-3006 9.3
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 a
27-09-2011 - 00:00 12-08-2008 - 19:41
CVE-2008-3005 9.3
Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array
27-09-2011 - 00:00 12-08-2008 - 19:41
CVE-2008-3004 9.3
Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute a
27-09-2011 - 00:00 12-08-2008 - 19:41
CVE-2007-1211 7.1
Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image tha
27-09-2011 - 00:00 04-04-2007 - 12:19
CVE-2006-2111 4.3
A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cr
27-09-2011 - 00:00 01-05-2006 - 15:06
CVE-2005-4089 7.1
Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) file
27-09-2011 - 00:00 08-12-2005 - 06:03
CVE-2006-5758 7.2
The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read
22-09-2011 - 00:00 06-11-2006 - 15:07
CVE-2005-4560 7.5
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows P
22-09-2011 - 00:00 28-12-2005 - 14:03
CVE-2008-4114 7.1
srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact vi
04-08-2011 - 00:00 16-09-2008 - 19:00
CVE-2007-6026 9.3
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing
02-08-2011 - 00:00 19-11-2007 - 19:46
CVE-2007-3040 9.3
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agen
02-08-2011 - 00:00 11-09-2007 - 21:17
CVE-2008-3704 9.3
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP
01-08-2011 - 00:00 18-08-2008 - 15:41
CVE-2010-0820 9.0
Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP S
18-07-2011 - 22:35 15-09-2010 - 15:00
CVE-2006-5559 9.3
The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when
11-07-2011 - 00:00 27-10-2006 - 12:07
CVE-2008-1448 7.1
The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended a
20-06-2011 - 00:00 12-08-2008 - 20:41
CVE-2008-1544 7.1
The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers t
14-06-2011 - 00:00 28-03-2008 - 19:44
CVE-2006-2373 10.0
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEIT
14-06-2011 - 00:00 13-06-2006 - 15:06
CVE-2008-0116 9.3
Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerabilit
18-04-2011 - 00:00 11-03-2008 - 19:44
CVE-2008-0081 9.3
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnera
15-04-2011 - 00:00 16-01-2008 - 18:00
CVE-2006-2385 7.6
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht)
15-04-2011 - 00:00 13-06-2006 - 15:06
CVE-2006-2382 10.0
Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decod
15-04-2011 - 00:00 13-06-2006 - 15:06
CVE-2006-1303 9.3
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransfo
15-04-2011 - 00:00 13-06-2006 - 15:06
CVE-2006-1189 10.0
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Char
15-04-2011 - 00:00 11-04-2006 - 19:02
CVE-2008-0077 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG e
13-04-2011 - 00:00 12-02-2008 - 18:00
CVE-2008-1434 9.3
Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (C
12-04-2011 - 00:00 13-05-2008 - 18:20
CVE-2008-0113 9.3
Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," ak
12-04-2011 - 00:00 11-03-2008 - 19:44
CVE-2007-3897 9.3
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
12-04-2011 - 00:00 09-10-2007 - 18:17
CVE-2007-2223 9.3
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
12-04-2011 - 00:00 14-08-2007 - 17:17
CVE-2007-0947 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of
12-04-2011 - 00:00 08-05-2007 - 19:19
CVE-2008-1084 7.2
Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: i
28-03-2011 - 00:00 08-04-2008 - 19:05
CVE-2007-0069 9.3
Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that t
28-03-2011 - 00:00 08-01-2008 - 15:46
CVE-2007-0066 7.1
The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-boun
28-03-2011 - 00:00 08-01-2008 - 15:46
CVE-2006-0008 7.2
The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and cl
28-03-2011 - 00:00 14-02-2006 - 14:06
CVE-2008-0109 9.3
Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation err
10-03-2011 - 00:00 12-02-2008 - 18:00
CVE-2007-1209 7.2
Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and clo
10-03-2011 - 00:00 10-04-2007 - 17:19
CVE-2008-4835 10.0
SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets
07-03-2011 - 22:13 14-01-2009 - 17:30
CVE-2008-4834 10.0
Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Tra
07-03-2011 - 22:13 14-01-2009 - 17:30
CVE-2008-4260 8.5
Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
07-03-2011 - 22:12 10-12-2008 - 09:00
CVE-2008-4258 8.5
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Paramet
07-03-2011 - 22:12 10-12-2008 - 09:00
CVE-2008-4256 8.5
The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote at
07-03-2011 - 22:12 10-12-2008 - 09:00
CVE-2008-4253 8.5
The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allo
07-03-2011 - 22:12 10-12-2008 - 09:00
CVE-2008-4252 8.5
The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a c
07-03-2011 - 22:12 10-12-2008 - 09:00
CVE-2008-4038 10.0
Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a cr
07-03-2011 - 22:11 14-10-2008 - 20:12
CVE-2008-4032 7.5
Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obt
07-03-2011 - 22:11 10-12-2008 - 09:00
CVE-2008-4023 10.0
Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability."
07-03-2011 - 22:11 14-10-2008 - 20:12
CVE-2008-4020 4.3
Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which rende
07-03-2011 - 22:11 14-10-2008 - 20:12
CVE-2008-4019 9.3
Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold
07-03-2011 - 22:11 14-10-2008 - 20:12
CVE-2008-3477 9.3
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel fil
07-03-2011 - 22:10 14-10-2008 - 20:12
CVE-2008-3471 9.3
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; O
07-03-2011 - 22:10 14-10-2008 - 20:12
CVE-2008-3465 9.3
Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WM
07-03-2011 - 22:10 10-12-2008 - 09:00
CVE-2008-3019 9.3
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Ma
07-03-2011 - 22:10 12-08-2008 - 19:41
CVE-2008-3018 9.3
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulne
07-03-2011 - 22:10 12-08-2008 - 19:41
CVE-2008-3014 9.3
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 20
07-03-2011 - 22:10 10-09-2008 - 21:11
CVE-2008-3012 9.3
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint
07-03-2011 - 22:10 10-09-2008 - 21:11
CVE-2008-3010 10.0
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and ex
07-03-2011 - 22:10 10-12-2008 - 09:00
CVE-2008-3009 10.0
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name (SPN) identifier when validating replies to authentication requests, which all
07-03-2011 - 22:10 10-12-2008 - 09:00
CVE-2008-3007 9.3
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "
07-03-2011 - 22:10 10-09-2008 - 21:11
CVE-2008-2259 9.3
Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print preview, which allows remote attackers to execute arbitrary code via unknown vectors, aka "HTML Component Handling Vulnerability."
07-03-2011 - 22:08 13-08-2008 - 08:42
CVE-2008-2256 9.3
Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uni
07-03-2011 - 22:08 13-08-2008 - 08:42
CVE-2008-2255 9.3
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Objec
07-03-2011 - 22:08 13-08-2008 - 08:42
CVE-2008-2252 7.2
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted
07-03-2011 - 22:08 14-10-2008 - 20:12
CVE-2008-2251 7.2
Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multipl
07-03-2011 - 22:08 14-10-2008 - 20:12
CVE-2008-2250 7.2
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate window properties sent from a parent window to a child window during creation of a new window, which all
07-03-2011 - 22:08 14-10-2008 - 20:12
CVE-2008-2249 9.3
Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffe
07-03-2011 - 22:08 10-12-2008 - 09:00
CVE-2008-2246 7.8
Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypas
07-03-2011 - 22:08 12-08-2008 - 20:41
CVE-2008-2244 9.3
Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.
07-03-2011 - 22:08 09-07-2008 - 18:41
CVE-2008-1457 9.0
The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate per-user subscriptions, which allows remote authenticated users to execute arbitrary code via a cr
07-03-2011 - 22:07 13-08-2008 - 08:42
CVE-2008-1456 9.0
Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription req
07-03-2011 - 22:07 13-08-2008 - 08:42
CVE-2008-1446 9.0
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users
07-03-2011 - 22:07 14-10-2008 - 20:12
CVE-2008-1091 9.3
Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers
07-03-2011 - 22:05 13-05-2008 - 18:20
CVE-2008-1090 9.3
Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."
07-03-2011 - 22:05 08-04-2008 - 19:05
CVE-2008-1089 9.3
Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability
07-03-2011 - 22:05 08-04-2008 - 19:05
CVE-2008-1088 9.3
Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a crafted Project file, related to improper validation of "memory resource allocations."
07-03-2011 - 22:05 08-04-2008 - 19:05
CVE-2008-1085 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that do
07-03-2011 - 22:05 08-04-2008 - 19:05
CVE-2008-0119 9.3
Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corrupt
07-03-2011 - 22:03 13-05-2008 - 18:20
CVE-2008-0118 9.3
Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corrupti
07-03-2011 - 22:03 11-03-2008 - 19:44
CVE-2008-0117 9.3
Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnera
07-03-2011 - 22:03 11-03-2008 - 19:44
CVE-2008-0115 9.3
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerabil
07-03-2011 - 22:03 11-03-2008 - 19:44
CVE-2008-0114 9.3
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption.
07-03-2011 - 22:03 11-03-2008 - 19:44
CVE-2008-0112 9.3
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Impo
07-03-2011 - 22:03 11-03-2008 - 19:44
CVE-2008-0111 9.3
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validati
07-03-2011 - 22:03 11-03-2008 - 19:44
CVE-2008-0110 9.3
Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI.
07-03-2011 - 22:03 11-03-2008 - 19:44
CVE-2008-0104 9.3
Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability."
07-03-2011 - 22:03 12-02-2008 - 18:00
CVE-2008-0103 9.3
Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling e
07-03-2011 - 22:03 12-02-2008 - 19:00
CVE-2008-0102 10.0
Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability."
07-03-2011 - 22:03 12-02-2008 - 18:00
CVE-2008-0080 10.0
Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response.
07-03-2011 - 22:03 12-02-2008 - 18:00
CVE-2008-0078 9.3
Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."
07-03-2011 - 22:03 12-02-2008 - 18:00
CVE-2008-0076 9.3
Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability."
07-03-2011 - 22:03 12-02-2008 - 18:00
CVE-2007-5352 7.2
Unspecified vulnerability in Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows local users to gain privileges via a crafted local procedure call (LPC) request.
07-03-2011 - 22:00 08-01-2008 - 15:46
CVE-2007-3899 9.3
Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."
07-03-2011 - 21:57 09-10-2007 - 18:17
CVE-2007-3890 9.3
Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.
07-03-2011 - 21:57 14-08-2007 - 17:17
CVE-2007-3036 6.9
Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "
07-03-2011 - 21:55 11-09-2007 - 21:17
CVE-2007-3028 5.0
The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP r
07-03-2011 - 21:55 10-07-2007 - 18:30
CVE-2007-2221 9.3
Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 o
07-03-2011 - 21:53 08-05-2007 - 19:19
CVE-2007-1215 7.2
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.
07-03-2011 - 21:51 04-04-2007 - 12:19
CVE-2007-1213 7.2
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
07-03-2011 - 21:51 04-04-2007 - 12:19
CVE-2007-1212 6.6
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file.
07-03-2011 - 21:51 04-04-2007 - 12:19
CVE-2007-1205 9.3
Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.
07-03-2011 - 21:51 10-04-2007 - 17:19
CVE-2007-1201 9.3
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components Data
07-03-2011 - 21:51 11-03-2008 - 19:44
CVE-2007-0948 9.3
Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and i
07-03-2011 - 21:51 14-08-2007 - 18:17
CVE-2007-0946 9.3
Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the fir
07-03-2011 - 21:51 08-05-2007 - 19:19
CVE-2007-0945 9.3
Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and 7 on Windows Vista allows remote attackers to execute arbitrary code via certain property methods that may trigger memory corrupt
07-03-2011 - 21:51 08-05-2007 - 19:19
CVE-2007-0944 9.3
Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute
07-03-2011 - 21:51 08-05-2007 - 19:19
CVE-2007-0940 9.3
Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, a
07-03-2011 - 21:51 08-05-2007 - 19:19
CVE-2007-0675 7.6
A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorize
07-03-2011 - 21:50 02-02-2007 - 20:28
CVE-2007-0211 7.2
The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of
07-03-2011 - 21:49 13-02-2007 - 15:28
CVE-2007-0210 7.2
The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 allows local users to gain privileges via unspecified vectors involving an "unchecked buffer," probably a buffer overflow.
07-03-2011 - 21:49 13-02-2007 - 15:28
CVE-2007-0065 10.0
Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a c
07-03-2011 - 21:48 12-02-2008 - 18:00
CVE-2007-0042 7.8
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechani
07-03-2011 - 21:48 10-07-2007 - 18:30
CVE-2007-0024 9.3
Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted
07-03-2011 - 21:48 09-01-2007 - 18:28
CVE-2006-6797 6.6
The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash) or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a differe
07-03-2011 - 21:46 28-12-2006 - 10:28
CVE-2006-6696 6.9
Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Serv
07-03-2011 - 21:46 21-12-2006 - 21:28
CVE-2006-5586 7.2
The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability.
07-03-2011 - 21:43 04-04-2007 - 12:19
CVE-2006-4686 7.5
Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.
07-03-2011 - 21:41 10-10-2006 - 18:07
CVE-2006-4685 2.6
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.
07-03-2011 - 21:41 10-10-2006 - 18:07
CVE-2006-2384 4.3
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after
07-03-2011 - 21:36 13-06-2006 - 15:06
CVE-2006-2383 9.3
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control,
07-03-2011 - 21:36 13-06-2006 - 15:06
CVE-2006-2379 9.3
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
07-03-2011 - 21:36 13-06-2006 - 15:06
CVE-2006-2378 6.8
Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corr
07-03-2011 - 21:36 13-06-2006 - 15:06
CVE-2006-2371 7.5
Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via cer
07-03-2011 - 21:36 13-06-2006 - 15:06
CVE-2006-2370 7.5
Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC
07-03-2011 - 21:36 13-06-2006 - 15:06
CVE-2006-1388 7.5
Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors.
07-03-2011 - 21:32 24-03-2006 - 15:02
CVE-2006-1359 9.3
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.
07-03-2011 - 21:32 22-03-2006 - 19:06
CVE-2006-1313 6.8
Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary
07-03-2011 - 21:32 13-06-2006 - 15:06
CVE-2006-1245 7.5
Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, a
07-03-2011 - 21:32 16-03-2006 - 20:02
CVE-2006-1191 4.0
Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the
07-03-2011 - 21:32 11-04-2006 - 19:02
CVE-2006-1190 10.0
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and al
07-03-2011 - 21:32 11-04-2006 - 19:02
CVE-2006-1188 7.5
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
07-03-2011 - 21:32 11-04-2006 - 19:02
CVE-2006-1186 10.0
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.
07-03-2011 - 21:32 11-04-2006 - 19:02
CVE-2006-1185 7.5
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
07-03-2011 - 21:32 11-04-2006 - 19:02
CVE-2006-1184 5.0
Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of
07-03-2011 - 21:32 09-05-2006 - 22:14
CVE-2006-0058 7.6
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory location
07-03-2011 - 21:29 22-03-2006 - 15:06
CVE-2006-0024 5.1
Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
07-03-2011 - 21:29 15-03-2006 - 11:06
CVE-2006-0014 5.1
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.
07-03-2011 - 21:29 11-04-2006 - 20:02
CVE-2006-0013 6.5
Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CV
07-03-2011 - 21:29 14-02-2006 - 14:06
CVE-2006-0012 5.1
Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "
07-03-2011 - 21:29 11-04-2006 - 20:02
CVE-2006-0003 5.1
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown att
07-03-2011 - 21:29 11-04-2006 - 20:02
CVE-2005-2831 7.5
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for
07-03-2011 - 21:25 14-12-2005 - 06:03
CVE-2005-2830 5.0
Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."
07-03-2011 - 21:25 14-12-2005 - 06:03
CVE-2005-2628 5.1
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
07-03-2011 - 21:24 05-11-2005 - 06:02
CVE-2005-2123 7.5
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format im
07-03-2011 - 21:23 29-11-2005 - 16:03
CVE-2005-1989 7.5
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability
07-03-2011 - 21:23 10-08-2005 - 00:00
CVE-2005-1988 5.1
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption
07-03-2011 - 21:23 10-08-2005 - 00:00
CVE-2005-1983 10.0
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious applica
07-03-2011 - 21:23 10-08-2005 - 00:00
CVE-2005-1191 5.0
The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View co
07-03-2011 - 21:21 02-05-2005 - 00:00
CVE-2008-4261 9.3
Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers t
07-03-2011 - 00:00 10-12-2008 - 09:00
CVE-2008-4259 9.3
Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file wit
07-03-2011 - 00:00 10-12-2008 - 09:00
CVE-2008-4255 9.3
Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Proj
07-03-2011 - 00:00 10-12-2008 - 09:00
CVE-2008-4254 8.5
Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols prop
07-03-2011 - 00:00 10-12-2008 - 09:00
CVE-2008-3460 9.3
WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG fil
07-03-2011 - 00:00 12-08-2008 - 19:41
CVE-2008-3003 6.6
Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD (password) string from connections.xml when a .xlsx file is configured not to save the remote data session password, which allows local users to obtain sensitive information an
07-03-2011 - 00:00 12-08-2008 - 19:41
CVE-2008-0083 9.3
The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary
07-03-2011 - 00:00 08-04-2008 - 19:05
CVE-2007-4790 7.5
Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to e
07-03-2011 - 00:00 10-09-2007 - 17:17
CVE-2007-3896 9.3
The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as de
07-03-2011 - 00:00 10-10-2007 - 20:17
CVE-2007-2224 9.3
Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextN
07-03-2011 - 00:00 14-08-2007 - 17:17
CVE-2007-1748 10.0
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name conta
07-03-2011 - 00:00 13-04-2007 - 14:19
CVE-2007-1206 7.2
The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions (PAGE_READWRITE) for a physical memory view, which a
07-03-2011 - 00:00 10-04-2007 - 17:19
CVE-2007-0942 9.3
Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls,
07-03-2011 - 00:00 08-05-2007 - 19:19
CVE-2006-2380 4.3
Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."
07-03-2011 - 00:00 13-06-2006 - 15:06
CVE-2006-2374 2.1
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file hand
07-03-2011 - 00:00 13-06-2006 - 15:06
CVE-2006-0023 4.3
Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1)
07-03-2011 - 00:00 07-02-2006 - 21:18
CVE-2006-0021 7.8
Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."
07-03-2011 - 00:00 14-02-2006 - 14:06
CVE-2010-0490 9.3
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
21-08-2010 - 01:39 31-03-2010 - 15:30
CVE-2010-0248 9.3
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
21-08-2010 - 01:39 22-01-2010 - 17:00
CVE-2010-0246 9.3
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
21-08-2010 - 01:39 22-01-2010 - 17:00
CVE-2010-0245 9.3
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
21-08-2010 - 01:39 22-01-2010 - 17:00
CVE-2010-0244 9.3
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
21-08-2010 - 01:39 22-01-2010 - 17:00
CVE-2009-4074 4.3
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of
21-08-2010 - 01:36 25-11-2009 - 13:30
CVE-2009-3674 9.3
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
21-08-2010 - 01:36 09-12-2009 - 13:30
CVE-2009-3673 9.3
Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka
21-08-2010 - 01:36 09-12-2009 - 13:30
CVE-2009-3671 9.3
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
21-08-2010 - 01:36 09-12-2009 - 13:30
CVE-2009-2524 7.8
Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and
21-08-2010 - 01:34 14-10-2009 - 06:30
CVE-2010-0492 9.3
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption,
21-08-2010 - 00:00 31-03-2010 - 15:30
CVE-2010-0027 9.3
The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attac
21-08-2010 - 00:00 22-01-2010 - 17:00
CVE-2002-0193 7.5
Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating sys
10-09-2008 - 20:00 29-05-2002 - 00:00
CVE-2002-0149 7.5
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2002-0147 7.5
Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2005-2307 5.0
netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability."
10-09-2008 - 15:41 19-07-2005 - 00:00
CVE-2005-2128 5.0
QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.
10-09-2008 - 15:41 12-10-2005 - 09:04
CVE-2005-2126 2.6
The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwri
10-09-2008 - 15:41 21-10-2005 - 14:02
CVE-2005-2122 10.0
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Serve
10-09-2008 - 15:41 21-10-2005 - 14:02
CVE-2005-2120 6.5
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters
10-09-2008 - 15:41 13-10-2005 - 06:02
CVE-2005-2119 5.0
The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an i
10-09-2008 - 15:41 12-10-2005 - 09:04
CVE-2005-2118 5.1
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the use
10-09-2008 - 15:41 21-10-2005 - 14:02
CVE-2005-2117 5.1
Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code.
10-09-2008 - 15:41 21-10-2005 - 14:02
CVE-2005-1985 7.5
The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
10-09-2008 - 15:40 13-10-2005 - 06:02
CVE-2005-1984 7.5
Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
10-09-2008 - 15:40 10-08-2005 - 00:00
CVE-2005-1982 3.6
Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain control
10-09-2008 - 15:40 10-08-2005 - 00:00
CVE-2005-1981 2.1
Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers allows remote authenticated users to cause a denial of service (system crash) via a crafted Kerberos message.
10-09-2008 - 15:40 10-08-2005 - 00:00
CVE-2005-1980 5.0
Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port nu
10-09-2008 - 15:40 12-10-2005 - 09:04
CVE-2005-1979 5.0
Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the T
10-09-2008 - 15:40 12-10-2005 - 09:04
CVE-2005-1978 7.5
COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.
10-09-2008 - 15:40 12-10-2005 - 09:04
CVE-2005-1219 7.5
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
10-09-2008 - 15:38 12-07-2005 - 00:00
CVE-2005-1214 5.1
Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.
10-09-2008 - 15:38 14-06-2005 - 00:00
CVE-2005-1211 5.1
Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.
10-09-2008 - 15:38 14-06-2005 - 00:00
CVE-2005-1208 10.0
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer ov
10-09-2008 - 15:38 14-06-2005 - 00:00
CVE-2005-1207 7.2
Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.
10-09-2008 - 15:38 14-06-2005 - 00:00
CVE-2005-1206 7.5
Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."
10-09-2008 - 15:38 14-06-2005 - 00:00
CVE-2005-1205 5.0
The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
10-09-2008 - 15:38 14-06-2005 - 00:00
CVE-2005-0551 10.0
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that p
10-09-2008 - 15:36 02-05-2005 - 00:00
CVE-2005-0550 2.1
Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".
10-09-2008 - 15:36 02-05-2005 - 00:00
CVE-2005-0061 7.2
The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests.
10-09-2008 - 15:34 02-05-2005 - 00:00
CVE-2005-0059 10.0
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
10-09-2008 - 15:34 02-05-2005 - 00:00
CVE-2005-0058 7.5
Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a cr
10-09-2008 - 15:34 10-08-2005 - 00:00
CVE-2005-0053 7.5
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
10-09-2008 - 15:34 02-05-2005 - 00:00
CVE-2005-0051 7.5
The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe
10-09-2008 - 15:34 02-05-2005 - 00:00
CVE-2005-0048 7.5
Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Valid
10-09-2008 - 15:34 02-05-2005 - 00:00
CVE-2005-0044 7.5
The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validat
10-09-2008 - 15:34 02-05-2005 - 00:00
CVE-2004-1319 5.0
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the par
10-09-2008 - 15:29 15-12-2004 - 00:00
CVE-2004-1043 5.0
Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local z
10-09-2008 - 15:28 31-12-2004 - 00:00
CVE-2004-0901 10.0
Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site,
10-09-2008 - 15:28 10-01-2005 - 00:00
CVE-2004-0897 10.0
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
10-09-2008 - 15:28 11-01-2005 - 00:00
CVE-2004-0894 7.2
LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
10-09-2008 - 15:28 10-01-2005 - 00:00
CVE-2004-0893 7.2
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges,
10-09-2008 - 15:28 10-01-2005 - 00:00
CVE-2004-0654 2.1
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic
10-09-2008 - 15:27 06-08-2004 - 00:00
CVE-2004-0572 10.0
Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grp
10-09-2008 - 15:26 03-11-2004 - 00:00
CVE-2004-0571 10.0
Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability
10-09-2008 - 15:26 10-01-2005 - 00:00
CVE-2004-0215 5.0
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.
10-09-2008 - 15:25 06-08-2004 - 00:00
CVE-2004-0202 5.0
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.
10-09-2008 - 15:25 06-08-2004 - 00:00
CVE-2004-0201 10.0
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vuln
10-09-2008 - 15:25 06-08-2004 - 00:00
CVE-2004-0124 2.6
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."
10-09-2008 - 15:25 01-06-2004 - 00:00
CVE-2004-0123 7.5
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
10-09-2008 - 15:25 01-06-2004 - 00:00
CVE-2004-0120 5.0
The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
10-09-2008 - 15:25 01-06-2004 - 00:00
CVE-2004-0119 7.5
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenI
10-09-2008 - 15:25 01-06-2004 - 00:00
CVE-2004-0117 7.5
Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
10-09-2008 - 15:25 01-06-2004 - 00:00
CVE-2004-0116 5.0
An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
10-09-2008 - 15:25 01-06-2004 - 00:00
CVE-2003-1041 7.5
Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it
10-09-2008 - 15:21 14-06-2004 - 00:00
CVE-2003-0909 7.2
Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."
10-09-2008 - 15:20 01-06-2004 - 00:00
CVE-2003-0906 7.6
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or E
10-09-2008 - 15:20 01-06-2004 - 00:00
CVE-2003-0824 5.0
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain
10-09-2008 - 15:20 15-12-2003 - 00:00
CVE-2003-0806 7.5
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
10-09-2008 - 15:20 01-06-2004 - 00:00
CVE-2003-0719 7.5
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows re
10-09-2008 - 15:20 01-06-2004 - 00:00
CVE-2003-0661 5.0
The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information.
10-09-2008 - 15:20 20-10-2003 - 00:00
CVE-2003-0660 7.5
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user appr
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0345 7.5
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
10-09-2008 - 15:18 18-08-2003 - 00:00
CVE-2003-0223 6.8
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0112 4.6
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.
10-09-2008 - 15:17 12-05-2003 - 00:00
CVE-2002-1561 5.0
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference
10-09-2008 - 15:14 02-04-2003 - 00:00
CVE-2002-0720 7.2
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
10-09-2008 - 15:12 05-09-2002 - 00:00
CVE-2002-0699 5.0
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's
10-09-2008 - 15:12 04-10-2002 - 00:00
CVE-2002-0694 7.5
The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet File
10-09-2008 - 15:12 10-10-2002 - 00:00
CVE-2002-0189 7.5
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
10-09-2008 - 15:11 29-05-2002 - 00:00
CVE-2002-0150 7.5
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
10-09-2008 - 15:11 22-04-2002 - 00:00
CVE-2002-0148 7.5
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.
10-09-2008 - 15:11 22-04-2002 - 00:00
CVE-2002-0074 7.5
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
10-09-2008 - 15:11 22-04-2002 - 00:00
CVE-2002-0013 10.0
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by th
10-09-2008 - 15:11 13-02-2002 - 00:00
CVE-2002-0012 10.0
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candi
10-09-2008 - 15:11 13-02-2002 - 00:00
CVE-2001-0151 5.0
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
10-09-2008 - 15:07 02-06-2001 - 00:00
CVE-2000-0886 7.5
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
10-09-2008 - 15:06 19-12-2000 - 00:00
CVE-2000-0884 7.5
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
10-09-2008 - 15:06 19-12-2000 - 00:00
CVE-2002-0053 7.5
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be
10-09-2008 - 00:00 08-03-2002 - 00:00
CVE-1999-0562 7.5
The registry in Windows NT can be accessed remotely by users who are not administrators.
09-09-2008 - 08:35 01-01-1997 - 00:00
CVE-1999-0278 5.0
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
09-09-2008 - 08:34 01-06-1998 - 00:00
CVE-1999-0874 10.0
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
09-09-2008 - 00:00 16-06-1999 - 00:00
CVE-2002-0366 7.2
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
05-09-2008 - 16:27 03-07-2002 - 00:00
CVE-2002-0051 4.6
Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.
05-09-2008 - 16:27 04-04-2002 - 00:00
CVE-2001-0543 5.0
Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
05-09-2008 - 16:24 20-09-2001 - 00:00
CVE-2001-0500 10.0
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data
05-09-2008 - 16:24 21-07-2001 - 00:00
CVE-1999-0815 5.0
Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.
05-09-2008 - 16:18 31-12-1999 - 00:00
Back to Top Mark selected
Back to Top