Vulnerabilites related to microsoft - windows_98
cve-2004-0123
Vulnerability from cvelistv5
Published
2004-04-16 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
References
▼ | URL | Tags |
---|---|---|
http://www.ciac.org/ciac/bulletins/o-114.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A924 | vdb-entry, signature, x_refsource_OVAL | |
http://www.securityfocus.com/bid/10118 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15713 | vdb-entry, x_refsource_XF | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011 | vendor-advisory, x_refsource_MS | |
http://www.us-cert.gov/cas/techalerts/TA04-104A.html | third-party-advisory, x_refsource_CERT | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1007 | vdb-entry, signature, x_refsource_OVAL | |
http://www.kb.cert.org/vuls/id/255924 | third-party-advisory, x_refsource_CERT-VN | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1076 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.430Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "O-114", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "name": "oval:org.mitre.oval:def:924", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A924" }, { "name": "10118", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10118" }, { "name": "win-asn1-double-free(15713)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15713" }, { "name": "MS04-011", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "oval:org.mitre.oval:def:1007", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1007" }, { "name": "VU#255924", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/255924" }, { "name": "oval:org.mitre.oval:def:1076", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1076" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "O-114", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "name": "oval:org.mitre.oval:def:924", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A924" }, { "name": "10118", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10118" }, { "name": "win-asn1-double-free(15713)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15713" }, { "name": "MS04-011", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "oval:org.mitre.oval:def:1007", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1007" }, { "name": "VU#255924", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/255924" }, { "name": "oval:org.mitre.oval:def:1076", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1076" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0123", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "O-114", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "name": "oval:org.mitre.oval:def:924", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A924" }, { "name": "10118", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10118" }, { "name": "win-asn1-double-free(15713)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15713" }, { "name": "MS04-011", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "TA04-104A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "oval:org.mitre.oval:def:1007", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1007" }, { "name": "VU#255924", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/255924" }, { "name": "oval:org.mitre.oval:def:1076", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1076" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0123", "datePublished": "2004-04-16T04:00:00", "dateReserved": "2004-02-03T00:00:00", "dateUpdated": "2024-08-08T00:10:03.430Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-1999-0387
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-052 | vendor-advisory, x_refsource_MS | |
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ168115 | vendor-advisory, x_refsource_MSKB | |
http://www.securityfocus.com/bid/829 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:34:51.930Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS99-052", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-052" }, { "name": "Q168115", "tags": [ "vendor-advisory", "x_refsource_MSKB", "x_transferred" ], "url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ168115" }, { "name": "829", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/829" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS99-052", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-052" }, { "name": "Q168115", "tags": [ "vendor-advisory", "x_refsource_MSKB" ], "url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ168115" }, { "name": "829", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/829" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0387", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS99-052", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-052" }, { "name": "Q168115", "refsource": "MSKB", "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q168115" }, { "name": "829", "refsource": "BID", "url": "http://www.securityfocus.com/bid/829" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0387", "datePublished": "2000-07-12T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:34:51.930Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0305
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/templates/advisory.html?id=2240 | vendor-advisory, x_refsource_BINDVIEW | |
http://www.securityfocus.com/bid/1236 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:20.553Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS00-029", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029" }, { "name": "20000519 jolt2 - Remote DoS against NT, W2K, 9x", "tags": [ "vendor-advisory", "x_refsource_BINDVIEW", "x_transferred" ], "url": "http://www.securityfocus.com/templates/advisory.html?id=2240" }, { "name": "1236", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1236" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the \"IP Fragment Reassembly\" vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS00-029", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029" }, { "name": "20000519 jolt2 - Remote DoS against NT, W2K, 9x", "tags": [ "vendor-advisory", "x_refsource_BINDVIEW" ], "url": "http://www.securityfocus.com/templates/advisory.html?id=2240" }, { "name": "1236", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1236" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0305", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the \"IP Fragment Reassembly\" vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS00-029", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029" }, { "name": "20000519 jolt2 - Remote DoS against NT, W2K, 9x", "refsource": "BINDVIEW", "url": "http://www.securityfocus.com/templates/advisory.html?id=2240" }, { "name": "1236", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1236" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0305", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-05-09T00:00:00", "dateUpdated": "2024-08-08T05:14:20.553Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2002-0694
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 02:56
Severity ?
EPSS score ?
Summary
The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File."
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055 | vendor-advisory, x_refsource_MS | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403 | vdb-entry, signature, x_refsource_OVAL | |
http://www.iss.net/security_center/static/10254.php | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:56:38.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS02-055", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055" }, { "name": "oval:org.mitre.oval:def:403", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403" }, { "name": "win-chm-code-execution(10254)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/10254.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-10-03T00:00:00", "descriptions": [ { "lang": "en", "value": "The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka \"Code Execution via Compiled HTML Help File.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2006-11-01T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS02-055", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055" }, { "name": "oval:org.mitre.oval:def:403", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403" }, { "name": "win-chm-code-execution(10254)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/10254.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0694", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka \"Code Execution via Compiled HTML Help File.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS02-055", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055" }, { "name": "oval:org.mitre.oval:def:403", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403" }, { "name": "win-chm-code-execution(10254)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/10254.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0694", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-07-12T00:00:00", "dateUpdated": "2024-08-08T02:56:38.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0980
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/5357 | vdb-entry, x_refsource_XF | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-073 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/1781 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:32.194Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "win-nmpi-packet-dos(5357)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5357" }, { "name": "MS00-073", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-073" }, { "name": "1781", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1781" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "win-nmpi-packet-dos(5357)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5357" }, { "name": "MS00-073", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-073" }, { "name": "1781", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1781" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0980", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "win-nmpi-packet-dos(5357)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5357" }, { "name": "MS00-073", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-073" }, { "name": "1781", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1781" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0980", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:32.194Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0612
Vulnerability from cvelistv5
Published
2000-07-19 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/templates/archive.pike?list=1&msg=395B7E64.9FB3D4DB%40starzetz.de | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/1406 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:21:31.256Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000629 Buggy ARP handling in Windoze", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=395B7E64.9FB3D4DB%40starzetz.de" }, { "name": "1406", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1406" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-06-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-21T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000629 Buggy ARP handling in Windoze", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=395B7E64.9FB3D4DB%40starzetz.de" }, { "name": "1406", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1406" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0612", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000629 Buggy ARP handling in Windoze", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=395B7E64.9FB3D4DB@starzetz.de" }, { "name": "1406", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1406" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0612", "datePublished": "2000-07-19T04:00:00", "dateReserved": "2000-07-19T00:00:00", "dateUpdated": "2024-08-08T05:21:31.256Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-1898
Vulnerability from cvelistv5
Published
2007-05-16 22:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/34292 | vdb-entry, x_refsource_XF | |
http://www.netvigilance.com/advisory0026 | x_refsource_MISC | |
http://securityreason.com/securityalert/2710 | third-party-advisory, x_refsource_SREASON | |
http://www.vupen.com/english/advisories/2007/1831 | vdb-entry, x_refsource_VUPEN | |
http://www.securityfocus.com/archive/1/468644/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://www.securitytracker.com/id?1018063 | vdb-entry, x_refsource_SECTRACK | |
http://www.osvdb.org/34088 | vdb-entry, x_refsource_OSVDB | |
http://www.securityfocus.com/bid/23989 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:13:41.503Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "jetbox-formmail-mail-relay(34292)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34292" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.netvigilance.com/advisory0026" }, { "name": "2710", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2710" }, { "name": "ADV-2007-1831", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1831" }, { "name": "20070515 Jetbox CMS version 2.1 E-Mail Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/468644/100/0/threaded" }, { "name": "1018063", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1018063" }, { "name": "34088", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/34088" }, { "name": "23989", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/23989" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-05-15T00:00:00", "descriptions": [ { "lang": "en", "value": "formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "jetbox-formmail-mail-relay(34292)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34292" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.netvigilance.com/advisory0026" }, { "name": "2710", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2710" }, { "name": "ADV-2007-1831", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1831" }, { "name": "20070515 Jetbox CMS version 2.1 E-Mail Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/468644/100/0/threaded" }, { "name": "1018063", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1018063" }, { "name": "34088", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/34088" }, { "name": "23989", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/23989" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1898", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "jetbox-formmail-mail-relay(34292)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34292" }, { "name": "http://www.netvigilance.com/advisory0026", "refsource": "MISC", "url": "http://www.netvigilance.com/advisory0026" }, { "name": "2710", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2710" }, { "name": "ADV-2007-1831", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1831" }, { "name": "20070515 Jetbox CMS version 2.1 E-Mail Injection Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/468644/100/0/threaded" }, { "name": "1018063", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018063" }, { "name": "34088", "refsource": "OSVDB", "url": "http://www.osvdb.org/34088" }, { "name": "23989", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23989" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1898", "datePublished": "2007-05-16T22:00:00", "dateReserved": "2007-04-09T00:00:00", "dateUpdated": "2024-08-07T13:13:41.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0155
Vulnerability from cvelistv5
Published
2000-02-23 05:00
Modified
2024-08-08 05:05
Severity ?
EPSS score ?
Summary
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/993 | vdb-entry, x_refsource_BID | |
http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000701bf79cd%24fdb5a620%244c4342a6%40mightye.org | mailing-list, x_refsource_BUGTRAQ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:53.969Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "993", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/993" }, { "name": "20000218 AUTORUN.INF Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-02-15\u0026msg=000701bf79cd%24fdb5a620%244c4342a6%40mightye.org" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-02-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-05-08T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "993", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/993" }, { "name": "20000218 AUTORUN.INF Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-02-15\u0026msg=000701bf79cd%24fdb5a620%244c4342a6%40mightye.org" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0155", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "993", "refsource": "BID", "url": "http://www.securityfocus.com/bid/993" }, { "name": "20000218 AUTORUN.INF Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-02-15\u0026msg=000701bf79cd$fdb5a620$4c4342a6@mightye.org" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0155", "datePublished": "2000-02-23T05:00:00", "dateReserved": "2000-02-23T00:00:00", "dateUpdated": "2024-08-08T05:05:53.969Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0206
Vulnerability from cvelistv5
Published
2004-10-16 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.679Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "win-ms04031-patch(17657)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17657" }, { "name": "oval:org.mitre.oval:def:2394", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2394" }, { "name": "oval:org.mitre.oval:def:4592", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4592" }, { "name": "11372", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11372" }, { "name": "VU#640488", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/640488" }, { "name": "oval:org.mitre.oval:def:3120", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3120" }, { "name": "oval:org.mitre.oval:def:1852", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1852" }, { "name": "20041013 Microsoft Windows NetDDE Service Buffer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109786703930674\u0026w=2" }, { "name": "12803", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/12803/" }, { "name": "MS04-031", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-031" }, { "name": "win-netdde-bo(16556)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16556" }, { "name": "oval:org.mitre.oval:def:5074", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5074" }, { "name": "oval:org.mitre.oval:def:6788", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6788" }, { "name": "oval:org.mitre.oval:def:3242", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3242" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-10-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an \"unchecked buffer,\" possibly a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "win-ms04031-patch(17657)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17657" }, { "name": "oval:org.mitre.oval:def:2394", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2394" }, { "name": "oval:org.mitre.oval:def:4592", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4592" }, { "name": "11372", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11372" }, { "name": "VU#640488", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/640488" }, { "name": "oval:org.mitre.oval:def:3120", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3120" }, { "name": "oval:org.mitre.oval:def:1852", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1852" }, { "name": "20041013 Microsoft Windows NetDDE Service Buffer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=109786703930674\u0026w=2" }, { "name": "12803", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/12803/" }, { "name": "MS04-031", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-031" }, { "name": "win-netdde-bo(16556)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16556" }, { "name": "oval:org.mitre.oval:def:5074", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5074" }, { "name": "oval:org.mitre.oval:def:6788", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6788" }, { "name": "oval:org.mitre.oval:def:3242", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3242" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0206", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an \"unchecked buffer,\" possibly a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "win-ms04031-patch(17657)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17657" }, { "name": "oval:org.mitre.oval:def:2394", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2394" }, { "name": "oval:org.mitre.oval:def:4592", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4592" }, { "name": "11372", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11372" }, { "name": "VU#640488", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/640488" }, { "name": "oval:org.mitre.oval:def:3120", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3120" }, { "name": "oval:org.mitre.oval:def:1852", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1852" }, { "name": "20041013 Microsoft Windows NetDDE Service Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=109786703930674\u0026w=2" }, { "name": "12803", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12803/" }, { "name": "MS04-031", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-031" }, { "name": "win-netdde-bo(16556)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16556" }, { "name": "oval:org.mitre.oval:def:5074", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5074" }, { "name": "oval:org.mitre.oval:def:6788", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6788" }, { "name": "oval:org.mitre.oval:def:3242", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3242" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0206", "datePublished": "2004-10-16T04:00:00", "dateReserved": "2004-03-11T00:00:00", "dateUpdated": "2024-08-08T00:10:03.679Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2003-0533
Vulnerability from cvelistv5
Published
2004-04-16 04:00
Modified
2024-08-08 01:58
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:58:11.206Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20040413 EEYE: Windows Local Security Authority Service Remote Buffer Overflow", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html" }, { "name": "O-114", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "name": "AD20040413C", "tags": [ "third-party-advisory", "x_refsource_EEYE", "x_transferred" ], "url": "http://www.eeye.com/html/Research/Advisories/AD20040413C.html" }, { "name": "win-lsass-bo(15699)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15699" }, { "name": "oval:org.mitre.oval:def:919", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919" }, { "name": "MS04-011", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "oval:org.mitre.oval:def:898", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898" }, { "name": "oval:org.mitre.oval:def:883", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "20040429 MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108325860431471\u0026w=2" }, { "name": "10108", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10108" }, { "name": "VU#753212", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/753212" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20040413 EEYE: Windows Local Security Authority Service Remote Buffer Overflow", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html" }, { "name": "O-114", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "name": "AD20040413C", "tags": [ "third-party-advisory", "x_refsource_EEYE" ], "url": "http://www.eeye.com/html/Research/Advisories/AD20040413C.html" }, { "name": "win-lsass-bo(15699)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15699" }, { "name": "oval:org.mitre.oval:def:919", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919" }, { "name": "MS04-011", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "oval:org.mitre.oval:def:898", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898" }, { "name": "oval:org.mitre.oval:def:883", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "20040429 MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108325860431471\u0026w=2" }, { "name": "10108", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10108" }, { "name": "VU#753212", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/753212" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0533", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20040413 EEYE: Windows Local Security Authority Service Remote Buffer Overflow", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html" }, { "name": "O-114", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "name": "AD20040413C", "refsource": "EEYE", "url": "http://www.eeye.com/html/Research/Advisories/AD20040413C.html" }, { "name": "win-lsass-bo(15699)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15699" }, { "name": "oval:org.mitre.oval:def:919", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919" }, { "name": "MS04-011", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "oval:org.mitre.oval:def:898", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898" }, { "name": "oval:org.mitre.oval:def:883", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883" }, { "name": "TA04-104A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "20040429 MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108325860431471\u0026w=2" }, { "name": "10108", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10108" }, { "name": "VU#753212", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/753212" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0533", "datePublished": "2004-04-16T04:00:00", "dateReserved": "2003-07-08T00:00:00", "dateUpdated": "2024-08-08T01:58:11.206Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-2388
Vulnerability from cvelistv5
Published
2005-07-27 04:00
Modified
2024-08-07 22:22
Severity ?
EPSS score ?
Summary
Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.
References
▼ | URL | Tags |
---|---|---|
http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp | x_refsource_MISC | |
http://securitytracker.com/id?1014566 | vdb-entry, x_refsource_SECTRACK | |
http://secunia.com/advisories/16210 | third-party-advisory, x_refsource_SECUNIA | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/21539 | vdb-entry, x_refsource_XF | |
http://www.osvdb.org/18493 | vdb-entry, x_refsource_OSVDB | |
http://www.securityfocus.com/bid/14376 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T22:22:49.141Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp" }, { "name": "1014566", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1014566" }, { "name": "16210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/16210" }, { "name": "windows-usb-device-bo(21539)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539" }, { "name": "18493", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/18493" }, { "name": "14376", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/14376" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-07-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp" }, { "name": "1014566", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1014566" }, { "name": "16210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/16210" }, { "name": "windows-usb-device-bo(21539)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539" }, { "name": "18493", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/18493" }, { "name": "14376", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/14376" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2388", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.eweek.com/article2/0,1759,1840131,00.asp", "refsource": "MISC", "url": "http://www.eweek.com/article2/0,1759,1840131,00.asp" }, { "name": "1014566", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014566" }, { "name": "16210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16210" }, { "name": "windows-usb-device-bo(21539)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539" }, { "name": "18493", "refsource": "OSVDB", "url": "http://www.osvdb.org/18493" }, { "name": "14376", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14376" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2388", "datePublished": "2005-07-27T04:00:00", "dateReserved": "2005-07-27T00:00:00", "dateUpdated": "2024-08-07T22:22:49.141Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-6261
Vulnerability from cvelistv5
Published
2006-12-04 11:00
Modified
2024-08-07 20:19
Severity ?
EPSS score ?
Summary
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/2860 | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/21331 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/30559 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:19:35.111Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "2860", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/2860" }, { "name": "21331", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/21331" }, { "name": "quintessential-player-code-execution(30559)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30559" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-11-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-18T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "2860", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/2860" }, { "name": "21331", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/21331" }, { "name": "quintessential-player-code-execution(30559)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30559" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6261", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "2860", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/2860" }, { "name": "21331", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21331" }, { "name": "quintessential-player-code-execution(30559)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30559" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6261", "datePublished": "2006-12-04T11:00:00", "dateReserved": "2006-12-03T00:00:00", "dateUpdated": "2024-08-07T20:19:35.111Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0330
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-049 | vendor-advisory, x_refsource_MS |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.489Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS99-049", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-049" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-11-12T00:00:00", "descriptions": [ { "lang": "en", "value": "The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the \"File Access URL\" vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS99-049", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-049" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0330", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the \"File Access URL\" vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS99-049", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-049" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0330", "datePublished": "2000-06-02T04:00:00", "dateReserved": "2000-05-11T00:00:00", "dateUpdated": "2024-08-08T05:14:21.489Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0201
Vulnerability from cvelistv5
Published
2004-07-14 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.770Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:2155", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2155" }, { "name": "VU#920060", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/920060" }, { "name": "TA04-196A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-196A.html" }, { "name": "oval:org.mitre.oval:def:1530", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1530" }, { "name": "oval:org.mitre.oval:def:1503", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1503" }, { "name": "MS04-023", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-023" }, { "name": "20040714 HtmlHelp - .CHM File Heap Overflow", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023919.html" }, { "name": "oval:org.mitre.oval:def:3179", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3179" }, { "name": "win-htmlhelp-execute-code(16586)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16586" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-07-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:2155", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2155" }, { "name": "VU#920060", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/920060" }, { "name": "TA04-196A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-196A.html" }, { "name": "oval:org.mitre.oval:def:1530", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1530" }, { "name": "oval:org.mitre.oval:def:1503", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1503" }, { "name": "MS04-023", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-023" }, { "name": "20040714 HtmlHelp - .CHM File Heap Overflow", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023919.html" }, { "name": "oval:org.mitre.oval:def:3179", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3179" }, { "name": "win-htmlhelp-execute-code(16586)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16586" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0201", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:2155", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2155" }, { "name": "VU#920060", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/920060" }, { "name": "TA04-196A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-196A.html" }, { "name": "oval:org.mitre.oval:def:1530", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1530" }, { "name": "oval:org.mitre.oval:def:1503", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1503" }, { "name": "MS04-023", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-023" }, { "name": "20040714 HtmlHelp - .CHM File Heap Overflow", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023919.html" }, { "name": "oval:org.mitre.oval:def:3179", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3179" }, { "name": "win-htmlhelp-execute-code(16586)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16586" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0201", "datePublished": "2004-07-14T04:00:00", "dateReserved": "2004-03-11T00:00:00", "dateUpdated": "2024-08-08T00:10:03.770Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-0012
Vulnerability from cvelistv5
Published
2006-04-12 00:00
Modified
2024-08-07 16:18
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:18:20.703Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "17464", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/17464" }, { "name": "oval:org.mitre.oval:def:1743", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743" }, { "name": "19606", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19606" }, { "name": "TA06-101A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html" }, { "name": "win-explorer-com-code-execution(25554)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554" }, { "name": "1015897", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015897" }, { "name": "MS06-015", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015" }, { "name": "oval:org.mitre.oval:def:1191", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191" }, { "name": "oval:org.mitre.oval:def:1764", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764" }, { "name": "24516", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/24516" }, { "name": "oval:org.mitre.oval:def:1448", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448" }, { "name": "oval:org.mitre.oval:def:1679", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679" }, { "name": "VU#641460", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/641460" }, { "name": "ADV-2006-1320", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/1320" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-04-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and \"crafted files and directories,\" aka the \"Windows Shell Vulnerability.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "17464", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/17464" }, { "name": "oval:org.mitre.oval:def:1743", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743" }, { "name": "19606", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19606" }, { "name": "TA06-101A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html" }, { "name": "win-explorer-com-code-execution(25554)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554" }, { "name": "1015897", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015897" }, { "name": "MS06-015", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015" }, { "name": "oval:org.mitre.oval:def:1191", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191" }, { "name": "oval:org.mitre.oval:def:1764", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764" }, { "name": "24516", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/24516" }, { "name": "oval:org.mitre.oval:def:1448", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448" }, { "name": "oval:org.mitre.oval:def:1679", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679" }, { "name": "VU#641460", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/641460" }, { "name": "ADV-2006-1320", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/1320" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2006-0012", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and \"crafted files and directories,\" aka the \"Windows Shell Vulnerability.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "17464", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17464" }, { "name": "oval:org.mitre.oval:def:1743", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743" }, { "name": "19606", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19606" }, { "name": "TA06-101A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html" }, { "name": "win-explorer-com-code-execution(25554)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554" }, { "name": "1015897", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015897" }, { "name": "MS06-015", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015" }, { "name": "oval:org.mitre.oval:def:1191", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191" }, { "name": "oval:org.mitre.oval:def:1764", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764" }, { "name": "24516", "refsource": "OSVDB", "url": "http://www.osvdb.org/24516" }, { "name": "oval:org.mitre.oval:def:1448", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448" }, { "name": "oval:org.mitre.oval:def:1679", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679" }, { "name": "VU#641460", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/641460" }, { "name": "ADV-2006-1320", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1320" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2006-0012", "datePublished": "2006-04-12T00:00:00", "dateReserved": "2005-11-09T00:00:00", "dateUpdated": "2024-08-07T16:18:20.703Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2003-0813
Vulnerability from cvelistv5
Published
2003-10-15 04:00
Modified
2024-08-08 02:05
Severity ?
EPSS score ?
Summary
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:05:12.566Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20031010 Re : [VERY] BAD news on RPC DCOM Exploit", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011870.html" }, { "name": "20031010 Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=106579825211708\u0026w=2" }, { "name": "20031011 Bad news on RPC DCOM2 vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011901.html" }, { "name": "VU#547820", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/547820" }, { "name": "oval:org.mitre.oval:def:894", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A894" }, { "name": "20031011 RE: Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=106588827513795\u0026w=2" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "MS04-012", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-012" }, { "name": "20031010 Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=106580303918155\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securitylab.ru/_exploits/rpc2.c.txt" }, { "name": "20031014 Microsoft RPC Race Condition Denial of Service", "tags": [ "third-party-advisory", "x_refsource_ISS", "x_transferred" ], "url": "http://xforce.iss.net/xforce/alerts/id/155" }, { "name": "8811", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/8811" }, { "name": "20031010 Re: Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011886.html" }, { "name": "oval:org.mitre.oval:def:900", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A900" }, { "name": "oval:org.mitre.oval:def:893", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A893" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-10-10T00:00:00", "descriptions": [ { "lang": "en", "value": "A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20031010 Re : [VERY] BAD news on RPC DCOM Exploit", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011870.html" }, { "name": "20031010 Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=106579825211708\u0026w=2" }, { "name": "20031011 Bad news on RPC DCOM2 vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011901.html" }, { "name": "VU#547820", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/547820" }, { "name": "oval:org.mitre.oval:def:894", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A894" }, { "name": "20031011 RE: Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=106588827513795\u0026w=2" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "MS04-012", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-012" }, { "name": "20031010 Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=106580303918155\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.securitylab.ru/_exploits/rpc2.c.txt" }, { "name": "20031014 Microsoft RPC Race Condition Denial of Service", "tags": [ "third-party-advisory", "x_refsource_ISS" ], "url": "http://xforce.iss.net/xforce/alerts/id/155" }, { "name": "8811", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/8811" }, { "name": "20031010 Re: Bad news on RPC DCOM vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011886.html" }, { "name": "oval:org.mitre.oval:def:900", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A900" }, { "name": "oval:org.mitre.oval:def:893", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A893" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0813", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20031010 Re : [VERY] BAD news on RPC DCOM Exploit", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011870.html" }, { "name": "20031010 Bad news on RPC DCOM vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=106579825211708\u0026w=2" }, { "name": "20031011 Bad news on RPC DCOM2 vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011901.html" }, { "name": "VU#547820", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/547820" }, { "name": "oval:org.mitre.oval:def:894", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A894" }, { "name": "20031011 RE: Bad news on RPC DCOM vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=106588827513795\u0026w=2" }, { "name": "TA04-104A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "MS04-012", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-012" }, { "name": "20031010 Bad news on RPC DCOM vulnerability", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq\u0026m=106580303918155\u0026w=2" }, { "name": "http://www.securitylab.ru/_exploits/rpc2.c.txt", "refsource": "MISC", "url": "http://www.securitylab.ru/_exploits/rpc2.c.txt" }, { "name": "20031014 Microsoft RPC Race Condition Denial of Service", "refsource": "ISS", "url": "http://xforce.iss.net/xforce/alerts/id/155" }, { "name": "8811", "refsource": "BID", "url": "http://www.securityfocus.com/bid/8811" }, { "name": "20031010 Re: Bad news on RPC DCOM vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/011886.html" }, { "name": "oval:org.mitre.oval:def:900", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A900" }, { "name": "oval:org.mitre.oval:def:893", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A893" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0813", "datePublished": "2003-10-15T04:00:00", "dateReserved": "2003-09-18T00:00:00", "dateUpdated": "2024-08-08T02:05:12.566Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-2186
Vulnerability from cvelistv5
Published
2007-04-24 17:00
Modified
2024-08-07 13:23
Severity ?
EPSS score ?
Summary
Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
References
▼ | URL | Tags |
---|---|---|
http://osvdb.org/39054 | vdb-entry, x_refsource_OSVDB | |
http://www.securityfocus.com/bid/23576 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/3770 | exploit, x_refsource_EXPLOIT-DB | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/33784 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:23:51.100Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "39054", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/39054" }, { "name": "23576", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/23576" }, { "name": "3770", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/3770" }, { "name": "foxitreader-pdf-dos(33784)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33784" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-04-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "39054", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/39054" }, { "name": "23576", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/23576" }, { "name": "3770", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/3770" }, { "name": "foxitreader-pdf-dos(33784)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33784" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2186", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "39054", "refsource": "OSVDB", "url": "http://osvdb.org/39054" }, { "name": "23576", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23576" }, { "name": "3770", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/3770" }, { "name": "foxitreader-pdf-dos(33784)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33784" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2186", "datePublished": "2007-04-24T17:00:00", "dateReserved": "2007-04-24T00:00:00", "dateUpdated": "2024-08-07T13:23:51.100Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2002-2185
Vulnerability from cvelistv5
Published
2005-11-16 21:17
Modified
2024-08-08 03:51
Severity ?
EPSS score ?
Summary
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:51:17.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2006:0140", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "name": "18684", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18684" }, { "name": "igmp-spoofed-report-dos(9436)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "name": "oval:org.mitre.oval:def:10736", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" }, { "name": "20020901-01-A", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "name": "RHSA-2006:0101", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "name": "FLSA:157459-2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "name": "FLSA:157459-4", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "name": "5020", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/5020" }, { "name": "20020614 IGMP denial of service vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/276968" }, { "name": "RHSA-2006:0190", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "name": "18510", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18510" }, { "name": "FLSA:157459-1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "name": "FLSA:157459-3", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "name": "RHSA-2006:0191", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "name": "18562", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18562" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target\u0027s Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2006:0140", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "name": "18684", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18684" }, { "name": "igmp-spoofed-report-dos(9436)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "name": "oval:org.mitre.oval:def:10736", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" }, { "name": "20020901-01-A", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "name": "RHSA-2006:0101", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "name": "FLSA:157459-2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "name": "FLSA:157459-4", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "name": "5020", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/5020" }, { "name": "20020614 IGMP denial of service vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/276968" }, { "name": "RHSA-2006:0190", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "name": "18510", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18510" }, { "name": "FLSA:157459-1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "name": "FLSA:157459-3", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "name": "RHSA-2006:0191", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "name": "18562", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18562" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-2185", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target\u0027s Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2006:0140", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "name": "18684", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18684" }, { "name": "igmp-spoofed-report-dos(9436)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "name": "oval:org.mitre.oval:def:10736", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" }, { "name": "20020901-01-A", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "name": "RHSA-2006:0101", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "name": "FLSA:157459-2", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "name": "FLSA:157459-4", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "name": "5020", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5020" }, { "name": "20020614 IGMP denial of service vulnerability", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/276968" }, { "name": "RHSA-2006:0190", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "name": "18510", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18510" }, { "name": "FLSA:157459-1", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "name": "http://www.cs.ucsb.edu/~krishna/igmp_dos/", "refsource": "MISC", "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "name": "FLSA:157459-3", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "name": "RHSA-2006:0191", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "name": "18562", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18562" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-2185", "datePublished": "2005-11-16T21:17:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-08T03:51:17.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-1999-0918
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/514 | vdb-entry, x_refsource_BID | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034 | vendor-advisory, x_refsource_MS | |
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238329 | vendor-advisory, x_refsource_MSKB |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.145Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "514", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/514" }, { "name": "MS99-034", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034" }, { "name": "Q238329", "tags": [ "vendor-advisory", "x_refsource_MSKB", "x_transferred" ], "url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238329" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Denial of service in various Windows systems via malformed, fragmented IGMP packets." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "514", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/514" }, { "name": "MS99-034", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034" }, { "name": "Q238329", "tags": [ "vendor-advisory", "x_refsource_MSKB" ], "url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238329" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0918", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Denial of service in various Windows systems via malformed, fragmented IGMP packets." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "514", "refsource": "BID", "url": "http://www.securityfocus.com/bid/514" }, { "name": "MS99-034", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034" }, { "name": "Q238329", "refsource": "MSKB", "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238329" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0918", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-12-08T00:00:00", "dateUpdated": "2024-08-01T16:55:29.145Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-2736
Vulnerability from cvelistv5
Published
2007-05-17 19:00
Modified
2024-08-07 13:49
Severity ?
EPSS score ?
Summary
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/3928 | exploit, x_refsource_EXPLOIT-DB | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 | vdb-entry, x_refsource_XF | |
http://osvdb.org/37919 | vdb-entry, x_refsource_OSVDB | |
http://www.securityfocus.com/bid/23992 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:49:57.405Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "3928", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/3928" }, { "name": "achievo-index-file-include(34305)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34305" }, { "name": "37919", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/37919" }, { "name": "23992", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/23992" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-05-15T00:00:00", "descriptions": [ { "lang": "en", "value": "PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "3928", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/3928" }, { "name": "achievo-index-file-include(34305)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34305" }, { "name": "37919", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/37919" }, { "name": "23992", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/23992" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2736", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "3928", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/3928" }, { "name": "achievo-index-file-include(34305)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34305" }, { "name": "37919", "refsource": "OSVDB", "url": "http://osvdb.org/37919" }, { "name": "23992", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23992" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2736", "datePublished": "2007-05-17T19:00:00", "dateReserved": "2007-05-17T00:00:00", "dateUpdated": "2024-08-07T13:49:57.405Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-1999-0590
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
A system does not present an appropriate legal message or warning to a user who is accessing it.
References
▼ | URL | Tags |
---|---|---|
http://ciac.llnl.gov/ciac/bulletins/j-043.shtml | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:41:45.692Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://ciac.llnl.gov/ciac/bulletins/j-043.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A system does not present an appropriate legal message or warning to a user who is accessing it." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T05:27:37", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://ciac.llnl.gov/ciac/bulletins/j-043.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0590", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A system does not present an appropriate legal message or warning to a user who is accessing it." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://ciac.llnl.gov/ciac/bulletins/j-043.shtml", "refsource": "MISC", "url": "http://ciac.llnl.gov/ciac/bulletins/j-043.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0590", "datePublished": "2000-02-04T05:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:41:45.692Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2002-0070
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
EPSS score ?
Summary
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-014 | vendor-advisory, x_refsource_MS | |
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0203&L=ntbugtraq&F=P&S=&P=2404 | mailing-list, x_refsource_NTBUGTRAQ | |
http://marc.info/?l=bugtraq&m=101594127017290&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/4248 | vdb-entry, x_refsource_BID | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A147 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18 | vdb-entry, signature, x_refsource_OVAL | |
http://www.iss.net/security_center/static/8384.php | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS02-014", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-014" }, { "name": "20020311 ADVISORY: Windows Shell Overflow", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred" ], "url": "http://www.ntbugtraq.com/default.asp?pid=36\u0026sid=1\u0026A2=ind0203\u0026L=ntbugtraq\u0026F=P\u0026S=\u0026P=2404" }, { "name": "20020312 ADVISORY: Windows Shell Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101594127017290\u0026w=2" }, { "name": "4248", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4248" }, { "name": "oval:org.mitre.oval:def:147", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A147" }, { "name": "oval:org.mitre.oval:def:18", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18" }, { "name": "win-shell-bo(8384)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8384.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-03-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS02-014", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-014" }, { "name": "20020311 ADVISORY: Windows Shell Overflow", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ" ], "url": "http://www.ntbugtraq.com/default.asp?pid=36\u0026sid=1\u0026A2=ind0203\u0026L=ntbugtraq\u0026F=P\u0026S=\u0026P=2404" }, { "name": "20020312 ADVISORY: Windows Shell Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101594127017290\u0026w=2" }, { "name": "4248", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4248" }, { "name": "oval:org.mitre.oval:def:147", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A147" }, { "name": "oval:org.mitre.oval:def:18", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18" }, { "name": "win-shell-bo(8384)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8384.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0070", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS02-014", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-014" }, { "name": "20020311 ADVISORY: Windows Shell Overflow", "refsource": "NTBUGTRAQ", "url": "http://www.ntbugtraq.com/default.asp?pid=36\u0026sid=1\u0026A2=ind0203\u0026L=ntbugtraq\u0026F=P\u0026S=\u0026P=2404" }, { "name": "20020312 ADVISORY: Windows Shell Overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101594127017290\u0026w=2" }, { "name": "4248", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4248" }, { "name": "oval:org.mitre.oval:def:147", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A147" }, { "name": "oval:org.mitre.oval:def:18", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18" }, { "name": "win-shell-bo(8384)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8384.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0070", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-02-21T00:00:00", "dateUpdated": "2024-08-08T02:35:17.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-1999-0975
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/868 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.395Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "868", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/868" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-12-07T00:00:00", "descriptions": [ { "lang": "en", "value": "The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "868", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/868" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0975", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "868", "refsource": "BID", "url": "http://www.securityfocus.com/bid/868" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0975", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-12-14T00:00:00", "dateUpdated": "2024-08-01T16:55:29.395Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0129
Vulnerability from cvelistv5
Published
2000-02-08 05:00
Modified
2024-08-08 05:05
Severity ?
EPSS score ?
Summary
Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0129 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:53.966Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0129" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-02-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T08:22:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0129" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0129", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0129", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0129" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0129", "datePublished": "2000-02-08T05:00:00", "dateReserved": "2000-02-08T00:00:00", "dateUpdated": "2024-08-08T05:05:53.966Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-0053
Vulnerability from cvelistv5
Published
2005-02-08 05:00
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:57:41.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS05-008", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008" }, { "name": "oval:org.mitre.oval:def:4726", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4726" }, { "name": "MS05-014", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014" }, { "name": "oval:org.mitre.oval:def:4864", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4864" }, { "name": "oval:org.mitre.oval:def:1334", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1334" }, { "name": "oval:org.mitre.oval:def:2046", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2046" }, { "name": "oval:org.mitre.oval:def:2953", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2953" }, { "name": "TA05-039A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "name": "VU#698835", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/698835" }, { "name": "oval:org.mitre.oval:def:1015", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015" }, { "name": "11466", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11466" }, { "name": "oval:org.mitre.oval:def:3006", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3006" }, { "name": "ie-dragdrop-gain-privileges(19117)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19117" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-02-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the \"Drag-and-Drop Vulnerability.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS05-008", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008" }, { "name": "oval:org.mitre.oval:def:4726", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4726" }, { "name": "MS05-014", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014" }, { "name": "oval:org.mitre.oval:def:4864", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4864" }, { "name": "oval:org.mitre.oval:def:1334", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1334" }, { "name": "oval:org.mitre.oval:def:2046", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2046" }, { "name": "oval:org.mitre.oval:def:2953", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2953" }, { "name": "TA05-039A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "name": "VU#698835", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/698835" }, { "name": "oval:org.mitre.oval:def:1015", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015" }, { "name": "11466", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11466" }, { "name": "oval:org.mitre.oval:def:3006", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3006" }, { "name": "ie-dragdrop-gain-privileges(19117)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19117" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0053", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the \"Drag-and-Drop Vulnerability.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS05-008", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008" }, { "name": "oval:org.mitre.oval:def:4726", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4726" }, { "name": "MS05-014", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014" }, { "name": "oval:org.mitre.oval:def:4864", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4864" }, { "name": "oval:org.mitre.oval:def:1334", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1334" }, { "name": "oval:org.mitre.oval:def:2046", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2046" }, { "name": "oval:org.mitre.oval:def:2953", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2953" }, { "name": "TA05-039A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "name": "VU#698835", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/698835" }, { "name": "oval:org.mitre.oval:def:1015", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015" }, { "name": "11466", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11466" }, { "name": "oval:org.mitre.oval:def:3006", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3006" }, { "name": "ie-dragdrop-gain-privileges(19117)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19117" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0053", "datePublished": "2005-02-08T05:00:00", "dateReserved": "2005-01-11T00:00:00", "dateUpdated": "2024-08-07T20:57:41.182Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-0006
Vulnerability from cvelistv5
Published
2006-02-14 22:00
Modified
2024-08-07 16:18
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:18:20.729Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:1256", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256" }, { "name": "oval:org.mitre.oval:def:1578", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578" }, { "name": "ADV-2006-0574", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0574" }, { "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded" }, { "name": "16633", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16633" }, { "name": "423", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/423" }, { "name": "TA06-045A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html" }, { "name": "1015627", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015627" }, { "name": "VU#291396", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/291396" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.eeye.com/html/research/advisories/AD20060214.html" }, { "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded" }, { "name": "win-media-player-bmp-bo(24488)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488" }, { "name": "MS06-005", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005" }, { "name": "18835", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18835" }, { "name": "oval:org.mitre.oval:def:1598", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598" }, { "name": "oval:org.mitre.oval:def:1661", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "oval:org.mitre.oval:def:1256", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256" }, { "name": "oval:org.mitre.oval:def:1578", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578" }, { "name": "ADV-2006-0574", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0574" }, { "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded" }, { "name": "16633", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16633" }, { "name": "423", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/423" }, { "name": "TA06-045A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html" }, { "name": "1015627", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015627" }, { "name": "VU#291396", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/291396" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.eeye.com/html/research/advisories/AD20060214.html" }, { "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded" }, { "name": "win-media-player-bmp-bo(24488)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488" }, { "name": "MS06-005", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005" }, { "name": "18835", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18835" }, { "name": "oval:org.mitre.oval:def:1598", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598" }, { "name": "oval:org.mitre.oval:def:1661", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2006-0006", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:1256", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256" }, { "name": "oval:org.mitre.oval:def:1578", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578" }, { "name": "ADV-2006-0574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0574" }, { "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded" }, { "name": "16633", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16633" }, { "name": "423", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/423" }, { "name": "TA06-045A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html" }, { "name": "1015627", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015627" }, { "name": "VU#291396", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/291396" }, { "name": "http://www.eeye.com/html/research/advisories/AD20060214.html", "refsource": "MISC", "url": "http://www.eeye.com/html/research/advisories/AD20060214.html" }, { "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded" }, { "name": "win-media-player-bmp-bo(24488)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488" }, { "name": "MS06-005", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005" }, { "name": "18835", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18835" }, { "name": "oval:org.mitre.oval:def:1598", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598" }, { "name": "oval:org.mitre.oval:def:1661", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2006-0006", "datePublished": "2006-02-14T22:00:00", "dateReserved": "2005-11-09T00:00:00", "dateUpdated": "2024-08-07T16:18:20.729Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2001-0876
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:37
Severity ?
EPSS score ?
Summary
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
References
▼ | URL | Tags |
---|---|---|
http://www.ciac.org/ciac/bulletins/m-030.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
http://marc.info/?l=ntbugtraq&m=100887271006313&w=2 | mailing-list, x_refsource_NTBUGTRAQ | |
http://marc.info/?l=bugtraq&m=100887440810532&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.cert.org/advisories/CA-2001-37.html | third-party-advisory, x_refsource_CERT | |
http://www.kb.cert.org/vuls/id/951555 | third-party-advisory, x_refsource_CERT-VN | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/7721 | vdb-entry, x_refsource_XF | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/3723 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.629Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "M-030", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/m-030.shtml" }, { "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=100887271006313\u0026w=2" }, { "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=100887440810532\u0026w=2" }, { "name": "CA-2001-37", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2001-37.html" }, { "name": "VU#951555", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/951555" }, { "name": "win-upnp-notify-bo(7721)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7721" }, { "name": "MS01-059", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059" }, { "name": "3723", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3723" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-12-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-03-08T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "M-030", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/m-030.shtml" }, { "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=100887271006313\u0026w=2" }, { "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=100887440810532\u0026w=2" }, { "name": "CA-2001-37", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2001-37.html" }, { "name": "VU#951555", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/951555" }, { "name": "win-upnp-notify-bo(7721)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7721" }, { "name": "MS01-059", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059" }, { "name": "3723", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3723" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0876", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "M-030", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/m-030.shtml" }, { "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq\u0026m=100887271006313\u0026w=2" }, { "name": "20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=100887440810532\u0026w=2" }, { "name": "CA-2001-37", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2001-37.html" }, { "name": "VU#951555", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/951555" }, { "name": "win-upnp-notify-bo(7721)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7721" }, { "name": "MS01-059", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-059" }, { "name": "3723", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3723" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0876", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-12-11T00:00:00", "dateUpdated": "2024-08-08T04:37:06.629Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-1212
Vulnerability from cvelistv5
Published
2005-06-14 04:00
Modified
2024-08-07 21:44
Severity ?
EPSS score ?
Summary
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/13944 | vdb-entry, x_refsource_BID | |
http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE | |
http://secunia.com/advisories/15669/ | third-party-advisory, x_refsource_SECUNIA | |
http://securitytracker.com/id?1014194 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031 | vendor-advisory, x_refsource_MS | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:44:05.428Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "13944", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/13944" }, { "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true" }, { "name": "15669", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/15669/" }, { "name": "1014194", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1014194" }, { "name": "MS05-031", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031" }, { "name": "oval:org.mitre.oval:def:1224", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "13944", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/13944" }, { "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true" }, { "name": "15669", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/15669/" }, { "name": "1014194", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1014194" }, { "name": "MS05-031", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031" }, { "name": "oval:org.mitre.oval:def:1224", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2005-1212", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "13944", "refsource": "BID", "url": "http://www.securityfocus.com/bid/13944" }, { "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true" }, { "name": "15669", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15669/" }, { "name": "1014194", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014194" }, { "name": "MS05-031", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031" }, { "name": "oval:org.mitre.oval:def:1224", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2005-1212", "datePublished": "2005-06-14T04:00:00", "dateReserved": "2005-04-22T00:00:00", "dateUpdated": "2024-08-07T21:44:05.428Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2003-0010
Vulnerability from cvelistv5
Published
2003-03-21 05:00
Modified
2024-08-08 01:36
Severity ?
EPSS score ?
Summary
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:36:25.398Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "7146", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/7146" }, { "name": "oval:org.mitre.oval:def:795", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A795" }, { "name": "20030319 Heap Overflow in Windows Script Engine", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=26" }, { "name": "oval:org.mitre.oval:def:794", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A794" }, { "name": "oval:org.mitre.oval:def:200", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A200" }, { "name": "MS03-008", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-008" }, { "name": "20030319 Windows Scripting Engine issue", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0139.html" }, { "name": "20030319 iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104812108307645\u0026w=2" }, { "name": "oval:org.mitre.oval:def:134", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A134" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-03-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "7146", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/7146" }, { "name": "oval:org.mitre.oval:def:795", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A795" }, { "name": "20030319 Heap Overflow in Windows Script Engine", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=26" }, { "name": "oval:org.mitre.oval:def:794", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A794" }, { "name": "oval:org.mitre.oval:def:200", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A200" }, { "name": "MS03-008", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-008" }, { "name": "20030319 Windows Scripting Engine issue", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0139.html" }, { "name": "20030319 iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=104812108307645\u0026w=2" }, { "name": "oval:org.mitre.oval:def:134", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A134" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0010", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "7146", "refsource": "BID", "url": "http://www.securityfocus.com/bid/7146" }, { "name": "oval:org.mitre.oval:def:795", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A795" }, { "name": "20030319 Heap Overflow in Windows Script Engine", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=26" }, { "name": "oval:org.mitre.oval:def:794", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A794" }, { "name": "oval:org.mitre.oval:def:200", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A200" }, { "name": "MS03-008", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-008" }, { "name": "20030319 Windows Scripting Engine issue", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0139.html" }, { "name": "20030319 iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=104812108307645\u0026w=2" }, { "name": "oval:org.mitre.oval:def:134", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A134" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0010", "datePublished": "2003-03-21T05:00:00", "dateReserved": "2003-01-02T00:00:00", "dateUpdated": "2024-08-08T01:36:25.398Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0214
Vulnerability from cvelistv5
Published
2004-10-16 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.779Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "322857", "tags": [ "vendor-advisory", "x_refsource_MSKB", "x_transferred" ], "url": "http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B322857" }, { "name": "oval:org.mitre.oval:def:2638", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2638" }, { "name": "1011647", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1011647" }, { "name": "oval:org.mitre.oval:def:5307", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5307" }, { "name": "oval:org.mitre.oval:def:1601", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1601" }, { "name": "10213", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10213" }, { "name": "win-ms04037-patch(17662)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17662" }, { "name": "5687", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5687" }, { "name": "VU#616200", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/616200" }, { "name": "20040425 Microsoft\u0027s Explorer and Internet Explorer long share name buffer overflow.", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/lists/fulldisclosure/2004/Apr/0933.html" }, { "name": "oval:org.mitre.oval:def:4345", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4345" }, { "name": "11482", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11482/" }, { "name": "oval:org.mitre.oval:def:1749", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1749" }, { "name": "win-long-fileshare-bo(15956)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15956" }, { "name": "20040425 Microsoft\u0027s Explorer and Internet Explorer long share name buffer overflow.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://seclists.org/lists/bugtraq/2004/Apr/0322.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html" }, { "name": "MS04-037", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-037" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "322857", "tags": [ "vendor-advisory", "x_refsource_MSKB" ], "url": "http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B322857" }, { "name": "oval:org.mitre.oval:def:2638", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2638" }, { "name": "1011647", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1011647" }, { "name": "oval:org.mitre.oval:def:5307", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5307" }, { "name": "oval:org.mitre.oval:def:1601", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1601" }, { "name": "10213", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10213" }, { "name": "win-ms04037-patch(17662)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17662" }, { "name": "5687", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5687" }, { "name": "VU#616200", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/616200" }, { "name": "20040425 Microsoft\u0027s Explorer and Internet Explorer long share name buffer overflow.", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/lists/fulldisclosure/2004/Apr/0933.html" }, { "name": "oval:org.mitre.oval:def:4345", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4345" }, { "name": "11482", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11482/" }, { "name": "oval:org.mitre.oval:def:1749", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1749" }, { "name": "win-long-fileshare-bo(15956)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15956" }, { "name": "20040425 Microsoft\u0027s Explorer and Internet Explorer long share name buffer overflow.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://seclists.org/lists/bugtraq/2004/Apr/0322.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html" }, { "name": "MS04-037", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-037" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0214", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "322857", "refsource": "MSKB", "url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;322857" }, { "name": "oval:org.mitre.oval:def:2638", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2638" }, { "name": "1011647", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1011647" }, { "name": "oval:org.mitre.oval:def:5307", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5307" }, { "name": "oval:org.mitre.oval:def:1601", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1601" }, { "name": "10213", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10213" }, { "name": "win-ms04037-patch(17662)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17662" }, { "name": "5687", "refsource": "OSVDB", "url": "http://www.osvdb.org/5687" }, { "name": "VU#616200", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/616200" }, { "name": "20040425 Microsoft\u0027s Explorer and Internet Explorer long share name buffer overflow.", "refsource": "FULLDISC", "url": "http://seclists.org/lists/fulldisclosure/2004/Apr/0933.html" }, { "name": "oval:org.mitre.oval:def:4345", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4345" }, { "name": "11482", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11482/" }, { "name": "oval:org.mitre.oval:def:1749", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1749" }, { "name": "win-long-fileshare-bo(15956)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15956" }, { "name": "20040425 Microsoft\u0027s Explorer and Internet Explorer long share name buffer overflow.", "refsource": "BUGTRAQ", "url": "http://seclists.org/lists/bugtraq/2004/Apr/0322.html" }, { "name": "http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html", "refsource": "MISC", "url": "http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html" }, { "name": "MS04-037", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-037" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0214", "datePublished": "2004-10-16T04:00:00", "dateReserved": "2004-03-11T00:00:00", "dateUpdated": "2024-08-08T00:10:03.779Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-0416
Vulnerability from cvelistv5
Published
2005-02-14 05:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 | vendor-advisory, x_refsource_MS | |
http://marc.info/?l=bugtraq&m=110547079218397&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://marc.info/?l=bugtraq&m=110556975827760&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://eeye.com/html/research/advisories/AD20050111.html | x_refsource_MISC | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/18879 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/12233 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:13:54.198Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS05-002", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002" }, { "name": "20050111 EEYE: Windows ANI File Parsing Buffer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110547079218397\u0026w=2" }, { "name": "20050112 Windows ANI File Parsing Proof Of Concept (MS05-002)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110556975827760\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://eeye.com/html/research/advisories/AD20050111.html" }, { "name": "win-user32-aniheader-overflow(18879)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18879" }, { "name": "12233", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12233" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-01-11T00:00:00", "descriptions": [ { "lang": "en", "value": "The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS05-002", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002" }, { "name": "20050111 EEYE: Windows ANI File Parsing Buffer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110547079218397\u0026w=2" }, { "name": "20050112 Windows ANI File Parsing Proof Of Concept (MS05-002)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110556975827760\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://eeye.com/html/research/advisories/AD20050111.html" }, { "name": "win-user32-aniheader-overflow(18879)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18879" }, { "name": "12233", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12233" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0416", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS05-002", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002" }, { "name": "20050111 EEYE: Windows ANI File Parsing Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110547079218397\u0026w=2" }, { "name": "20050112 Windows ANI File Parsing Proof Of Concept (MS05-002)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110556975827760\u0026w=2" }, { "name": "http://eeye.com/html/research/advisories/AD20050111.html", "refsource": "MISC", "url": "http://eeye.com/html/research/advisories/AD20050111.html" }, { "name": "win-user32-aniheader-overflow(18879)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18879" }, { "name": "12233", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12233" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0416", "datePublished": "2005-02-14T05:00:00", "dateReserved": "2005-02-14T00:00:00", "dateUpdated": "2024-08-07T21:13:54.198Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2002-1260
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
EPSS score ?
Summary
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069 | vendor-advisory, x_refsource_MS | |
http://www.ciac.org/ciac/bulletins/n-026.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
http://www.securityfocus.com/bid/6379 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/10833 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:19:28.576Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS02-069", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069" }, { "name": "N-026", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/n-026.shtml" }, { "name": "6379", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6379" }, { "name": "msvm-jdbc-gain-access(10833)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10833" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-12-11T00:00:00", "descriptions": [ { "lang": "en", "value": "The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-10-14T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS02-069", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069" }, { "name": "N-026", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/n-026.shtml" }, { "name": "6379", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6379" }, { "name": "msvm-jdbc-gain-access(10833)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10833" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1260", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS02-069", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069" }, { "name": "N-026", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/n-026.shtml" }, { "name": "6379", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6379" }, { "name": "msvm-jdbc-gain-access(10833)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10833" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1260", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-11-04T00:00:00", "dateUpdated": "2024-08-08T03:19:28.576Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-3958
Vulnerability from cvelistv5
Published
2007-07-24 18:00
Modified
2024-08-07 14:37
Severity ?
EPSS score ?
Summary
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/35538 | vdb-entry, x_refsource_XF | |
http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html | x_refsource_MISC | |
http://osvdb.org/43773 | vdb-entry, x_refsource_OSVDB | |
https://www.exploit-db.com/exploits/4215 | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/25013 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:37:05.446Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "windows-explorer-gif-dos(35538)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35538" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html" }, { "name": "43773", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/43773" }, { "name": "4215", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/4215" }, { "name": "25013", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/25013" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-23T00:00:00", "descriptions": [ { "lang": "en", "value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "windows-explorer-gif-dos(35538)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35538" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html" }, { "name": "43773", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/43773" }, { "name": "4215", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/4215" }, { "name": "25013", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/25013" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3958", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "windows-explorer-gif-dos(35538)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35538" }, { "name": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html", "refsource": "MISC", "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html" }, { "name": "43773", "refsource": "OSVDB", "url": "http://osvdb.org/43773" }, { "name": "4215", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/4215" }, { "name": "25013", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25013" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3958", "datePublished": "2007-07-24T18:00:00", "dateReserved": "2007-07-24T00:00:00", "dateUpdated": "2024-08-07T14:37:05.446Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2003-1569
Vulnerability from cvelistv5
Published
2009-02-06 19:00
Modified
2024-09-16 17:14
Severity ?
EPSS score ?
Summary
GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385.
References
▼ | URL | Tags |
---|---|---|
http://data.goahead.com/Software/Webserver/2.1.8/release.htm#windows-95-98-me-aux-denial-of-service | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.450Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#windows-95-98-me-aux-denial-of-service" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2009-02-06T19:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#windows-95-98-me-aux-denial-of-service" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-1569", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#windows-95-98-me-aux-denial-of-service", "refsource": "CONFIRM", "url": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#windows-95-98-me-aux-denial-of-service" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-1569", "datePublished": "2009-02-06T19:00:00Z", "dateReserved": "2009-02-06T00:00:00Z", "dateUpdated": "2024-09-16T17:14:44.117Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0790
Vulnerability from cvelistv5
Published
2005-04-13 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:47.426Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:412", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A412" }, { "name": "oval:org.mitre.oval:def:4804", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4804" }, { "name": "13124", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/13124" }, { "name": "HPSBUX01164", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded" }, { "name": "SSRT061264", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:176", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A176" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html" }, { "name": "MS06-064", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064" }, { "name": "oval:org.mitre.oval:def:514", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A514" }, { "name": "oval:org.mitre.oval:def:1910", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1910" }, { "name": "SSRT4743", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2" }, { "name": "HPSBTU01210", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2" }, { "name": "57746", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1" }, { "name": "MS05-019", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019" }, { "name": "101658", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1" }, { "name": "SCOSA-2006.4", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt" }, { "name": "oval:org.mitre.oval:def:1177", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1177" }, { "name": "HPSBST02161", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded" }, { "name": "18317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18317" }, { "name": "oval:org.mitre.oval:def:3458", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3458" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en" }, { "name": "oval:org.mitre.oval:def:211", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A211" }, { "name": "19", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/19" }, { "name": "SSRT4884", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded" }, { "name": "57", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/57" }, { "name": "22341", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22341" }, { "name": "ADV-2006-3983", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3983" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt" }, { "name": "oval:org.mitre.oval:def:53", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A53" }, { "name": "oval:org.mitre.oval:def:622", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A622" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-04-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the \"blind connection-reset attack.\" NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:412", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A412" }, { "name": "oval:org.mitre.oval:def:4804", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4804" }, { "name": "13124", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/13124" }, { "name": "HPSBUX01164", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded" }, { "name": "SSRT061264", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:176", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A176" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html" }, { "name": "MS06-064", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064" }, { "name": "oval:org.mitre.oval:def:514", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A514" }, { "name": "oval:org.mitre.oval:def:1910", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1910" }, { "name": "SSRT4743", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2" }, { "name": "HPSBTU01210", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2" }, { "name": "57746", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1" }, { "name": "MS05-019", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019" }, { "name": "101658", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1" }, { "name": "SCOSA-2006.4", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt" }, { "name": "oval:org.mitre.oval:def:1177", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1177" }, { "name": "HPSBST02161", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded" }, { "name": "18317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18317" }, { "name": "oval:org.mitre.oval:def:3458", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3458" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en" }, { "name": "oval:org.mitre.oval:def:211", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A211" }, { "name": "19", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/19" }, { "name": "SSRT4884", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded" }, { "name": "57", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/57" }, { "name": "22341", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22341" }, { "name": "ADV-2006-3983", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3983" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt" }, { "name": "oval:org.mitre.oval:def:53", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A53" }, { "name": "oval:org.mitre.oval:def:622", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A622" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0790", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the \"blind connection-reset attack.\" NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:412", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A412" }, { "name": "oval:org.mitre.oval:def:4804", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4804" }, { "name": "13124", "refsource": "BID", "url": "http://www.securityfocus.com/bid/13124" }, { "name": "HPSBUX01164", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded" }, { "name": "SSRT061264", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:176", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A176" }, { "name": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html", "refsource": "MISC", "url": "http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html" }, { "name": "MS06-064", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064" }, { "name": "oval:org.mitre.oval:def:514", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A514" }, { "name": "oval:org.mitre.oval:def:1910", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1910" }, { "name": "SSRT4743", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2" }, { "name": "HPSBTU01210", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=112861397904255\u0026w=2" }, { "name": "57746", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1" }, { "name": "MS05-019", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019" }, { "name": "101658", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1" }, { "name": "SCOSA-2006.4", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt" }, { "name": "oval:org.mitre.oval:def:1177", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1177" }, { "name": "HPSBST02161", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded" }, { "name": "18317", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18317" }, { "name": "oval:org.mitre.oval:def:3458", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3458" }, { "name": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en", "refsource": "MISC", "url": "http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en" }, { "name": "oval:org.mitre.oval:def:211", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A211" }, { "name": "19", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/19" }, { "name": "SSRT4884", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/418882/100/0/threaded" }, { "name": "57", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/57" }, { "name": "22341", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22341" }, { "name": "ADV-2006-3983", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3983" }, { "name": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt", "refsource": "MISC", "url": "http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt" }, { "name": "oval:org.mitre.oval:def:53", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A53" }, { "name": "oval:org.mitre.oval:def:622", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A622" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0790", "datePublished": "2005-04-13T04:00:00", "dateReserved": "2004-08-17T00:00:00", "dateUpdated": "2024-08-08T00:31:47.426Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2002-0699
Vulnerability from cvelistv5
Published
2002-08-31 04:00
Modified
2024-08-08 02:56
Severity ?
EPSS score ?
Summary
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-048 | vendor-advisory, x_refsource_MS | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A190 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:56:38.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS02-048", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-048" }, { "name": "oval:org.mitre.oval:def:190", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A190" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-08-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user\u0027s system via HTML." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS02-048", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-048" }, { "name": "oval:org.mitre.oval:def:190", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A190" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0699", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user\u0027s system via HTML." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS02-048", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-048" }, { "name": "oval:org.mitre.oval:def:190", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A190" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0699", "datePublished": "2002-08-31T04:00:00", "dateReserved": "2002-07-12T00:00:00", "dateUpdated": "2024-08-08T02:56:38.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-0057
Vulnerability from cvelistv5
Published
2005-02-08 05:00
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015 | vendor-advisory, x_refsource_MS | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713 | vdb-entry, signature, x_refsource_OVAL | |
http://www.us-cert.gov/cas/techalerts/TA05-039A.html | third-party-advisory, x_refsource_CERT | |
http://www.securityfocus.com/bid/12479 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/19110 | vdb-entry, x_refsource_XF | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203 | vdb-entry, signature, x_refsource_OVAL | |
http://securitytracker.com/id?1013119 | vdb-entry, x_refsource_SECTRACK | |
http://secunia.com/advisories/14195 | third-party-advisory, x_refsource_SECUNIA | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570 | vdb-entry, signature, x_refsource_OVAL | |
http://www.kb.cert.org/vuls/id/820427 | third-party-advisory, x_refsource_CERT-VN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:57:41.092Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS05-015", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015" }, { "name": "oval:org.mitre.oval:def:713", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713" }, { "name": "TA05-039A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "name": "12479", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12479" }, { "name": "win-hyperlink-code-execution(19110)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110" }, { "name": "oval:org.mitre.oval:def:3203", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203" }, { "name": "1013119", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1013119" }, { "name": "14195", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/14195" }, { "name": "oval:org.mitre.oval:def:2570", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570" }, { "name": "VU#820427", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/820427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-02-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an \"unchecked buffer\" in the library, possibly due to a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS05-015", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015" }, { "name": "oval:org.mitre.oval:def:713", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713" }, { "name": "TA05-039A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "name": "12479", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12479" }, { "name": "win-hyperlink-code-execution(19110)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110" }, { "name": "oval:org.mitre.oval:def:3203", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203" }, { "name": "1013119", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1013119" }, { "name": "14195", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/14195" }, { "name": "oval:org.mitre.oval:def:2570", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570" }, { "name": "VU#820427", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/820427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0057", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an \"unchecked buffer\" in the library, possibly due to a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS05-015", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015" }, { "name": "oval:org.mitre.oval:def:713", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713" }, { "name": "TA05-039A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "name": "12479", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12479" }, { "name": "win-hyperlink-code-execution(19110)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110" }, { "name": "oval:org.mitre.oval:def:3203", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203" }, { "name": "1013119", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1013119" }, { "name": "14195", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14195" }, { "name": "oval:org.mitre.oval:def:2570", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570" }, { "name": "VU#820427", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/820427" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0057", "datePublished": "2005-02-08T05:00:00", "dateReserved": "2005-01-11T00:00:00", "dateUpdated": "2024-08-07T20:57:41.092Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0347
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.
References
▼ | URL | Tags |
---|---|---|
http://marc.info/?l=ntbugtraq&m=95737580922397&w=2 | mailing-list, x_refsource_NTBUGTRAQ | |
http://www.securityfocus.com/bid/1163 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.511Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000501 el8.org advisory - Win 95/98 DoS (RFParalyze.c)", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=95737580922397\u0026w=2" }, { "name": "1163", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1163" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000501 el8.org advisory - Win 95/98 DoS (RFParalyze.c)", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=95737580922397\u0026w=2" }, { "name": "1163", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1163" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0347", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000501 el8.org advisory - Win 95/98 DoS (RFParalyze.c)", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq\u0026m=95737580922397\u0026w=2" }, { "name": "1163", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1163" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0347", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-05-11T00:00:00", "dateUpdated": "2024-08-08T05:14:21.511Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-0061
Vulnerability from cvelistv5
Published
2005-04-13 04:00
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests.
References
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761 | vdb-entry, signature, x_refsource_OVAL | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018 | vendor-advisory, x_refsource_MS | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:57:40.958Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:4593", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593" }, { "name": "oval:org.mitre.oval:def:3994", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994" }, { "name": "oval:org.mitre.oval:def:1761", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761" }, { "name": "MS05-018", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018" }, { "name": "oval:org.mitre.oval:def:1656", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-04-12T00:00:00", "descriptions": [ { "lang": "en", "value": "The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:4593", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593" }, { "name": "oval:org.mitre.oval:def:3994", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994" }, { "name": "oval:org.mitre.oval:def:1761", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761" }, { "name": "MS05-018", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018" }, { "name": "oval:org.mitre.oval:def:1656", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0061", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:4593", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593" }, { "name": "oval:org.mitre.oval:def:3994", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994" }, { "name": "oval:org.mitre.oval:def:1761", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761" }, { "name": "MS05-018", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018" }, { "name": "oval:org.mitre.oval:def:1656", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0061", "datePublished": "2005-04-13T04:00:00", "dateReserved": "2005-01-11T00:00:00", "dateUpdated": "2024-08-07T20:57:40.958Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-1043
Vulnerability from cvelistv5
Published
2007-02-21 17:00
Modified
2024-08-07 12:43
Severity ?
EPSS score ?
Summary
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
References
▼ | URL | Tags |
---|---|---|
http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 | x_refsource_MISC | |
http://www.securityfocus.com/archive/1/460325/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/32563 | vdb-entry, x_refsource_XF | |
http://osvdb.org/34181 | vdb-entry, x_refsource_OSVDB | |
http://securityreason.com/securityalert/2275 | third-party-advisory, x_refsource_SREASON | |
http://www.securityfocus.com/bid/22590 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T12:43:22.287Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2674" }, { "name": "20070215 Ezboo webstats acces to sensitive files", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/460325/100/0/threaded" }, { "name": "ezboo-update-unauthorized-access(32563)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32563" }, { "name": "34181", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/34181" }, { "name": "2275", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2275" }, { "name": "22590", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/22590" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-02-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2674" }, { "name": "20070215 Ezboo webstats acces to sensitive files", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/460325/100/0/threaded" }, { "name": "ezboo-update-unauthorized-access(32563)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32563" }, { "name": "34181", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/34181" }, { "name": "2275", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2275" }, { "name": "22590", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/22590" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1043", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2674", "refsource": "MISC", "url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2674" }, { "name": "20070215 Ezboo webstats acces to sensitive files", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460325/100/0/threaded" }, { "name": "ezboo-update-unauthorized-access(32563)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32563" }, { "name": "34181", "refsource": "OSVDB", "url": "http://osvdb.org/34181" }, { "name": "2275", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2275" }, { "name": "22590", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22590" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1043", "datePublished": "2007-02-21T17:00:00", "dateReserved": "2007-02-21T00:00:00", "dateUpdated": "2024-08-07T12:43:22.287Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0979
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072 | vendor-advisory, x_refsource_MS | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/5395 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/1780 | vdb-entry, x_refsource_BID | |
http://marc.info/?l=bugtraq&m=97147777618139&w=2 | mailing-list, x_refsource_BUGTRAQ | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:31.974Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS00-072", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072" }, { "name": "win9x-share-level-password(5395)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5395" }, { "name": "1780", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1780" }, { "name": "20001012 NSFOCUS SA2000-05: Microsoft Windows 9x NETBIOS password", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97147777618139\u0026w=2" }, { "name": "oval:org.mitre.oval:def:996", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-10T00:00:00", "descriptions": [ { "lang": "en", "value": "File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the \"Share Level Password\" vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS00-072", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072" }, { "name": "win9x-share-level-password(5395)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5395" }, { "name": "1780", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1780" }, { "name": "20001012 NSFOCUS SA2000-05: Microsoft Windows 9x NETBIOS password", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97147777618139\u0026w=2" }, { "name": "oval:org.mitre.oval:def:996", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0979", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the \"Share Level Password\" vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS00-072", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072" }, { "name": "win9x-share-level-password(5395)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5395" }, { "name": "1780", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1780" }, { "name": "20001012 NSFOCUS SA2000-05: Microsoft Windows 9x NETBIOS password", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97147777618139\u0026w=2" }, { "name": "oval:org.mitre.oval:def:996", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0979", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:31.974Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-7030
Vulnerability from cvelistv5
Published
2007-02-23 01:00
Modified
2024-08-07 20:50
Severity ?
EPSS score ?
Summary
Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/archive/1/435095/30/4710/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://securityreason.com/securityalert/2286 | third-party-advisory, x_refsource_SREASON | |
http://www.securityfocus.com/bid/18112 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/26808 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/archive/1/435129/30/4710/threaded | mailing-list, x_refsource_BUGTRAQ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:50:05.971Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20060525 [BuHa-Security] DoS Vulnerability in MS IE 6 SP2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435095/30/4710/threaded" }, { "name": "2286", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/2286" }, { "name": "18112", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18112" }, { "name": "ie-html-tag-parsing-dos(26808)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26808" }, { "name": "20060526 Re: [BuHa-Security] DoS Vulnerability in MS IE 6 SP2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435129/30/4710/threaded" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-05-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20060525 [BuHa-Security] DoS Vulnerability in MS IE 6 SP2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435095/30/4710/threaded" }, { "name": "2286", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/2286" }, { "name": "18112", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18112" }, { "name": "ie-html-tag-parsing-dos(26808)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26808" }, { "name": "20060526 Re: [BuHa-Security] DoS Vulnerability in MS IE 6 SP2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435129/30/4710/threaded" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-7030", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20060525 [BuHa-Security] DoS Vulnerability in MS IE 6 SP2", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435095/30/4710/threaded" }, { "name": "2286", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2286" }, { "name": "18112", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18112" }, { "name": "ie-html-tag-parsing-dos(26808)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26808" }, { "name": "20060526 Re: [BuHa-Security] DoS Vulnerability in MS IE 6 SP2", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435129/30/4710/threaded" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-7030", "datePublished": "2007-02-23T01:00:00", "dateReserved": "2007-02-22T00:00:00", "dateUpdated": "2024-08-07T20:50:05.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-0143
Vulnerability from cvelistv5
Published
2006-01-09 20:00
Modified
2024-08-07 16:25
Severity ?
EPSS score ?
Summary
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.
References
▼ | URL | Tags |
---|---|---|
http://securitytracker.com/id?1015453 | vdb-entry, x_refsource_SECTRACK | |
http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html | x_refsource_MISC | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/24044 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/16167 | vdb-entry, x_refsource_BID | |
http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx | x_refsource_CONFIRM | |
http://www.securityfocus.com/archive/1/421258/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/archive/1/421257/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://www.vupen.com/english/advisories/2006/0115 | vdb-entry, x_refsource_VUPEN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:25:33.559Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1015453", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015453" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html" }, { "name": "win-gre-wmf-dos(24044)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044" }, { "name": "16167", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16167" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx" }, { "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded" }, { "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded" }, { "name": "ADV-2006-0115", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0115" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1015453", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015453" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html" }, { "name": "win-gre-wmf-dos(24044)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044" }, { "name": "16167", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16167" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx" }, { "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded" }, { "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded" }, { "name": "ADV-2006-0115", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0115" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0143", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1015453", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015453" }, { "name": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html", "refsource": "MISC", "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html" }, { "name": "win-gre-wmf-dos(24044)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044" }, { "name": "16167", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16167" }, { "name": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx", "refsource": "CONFIRM", "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx" }, { "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded" }, { "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded" }, { "name": "ADV-2006-0115", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0115" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0143", "datePublished": "2006-01-09T20:00:00", "dateReserved": "2006-01-09T00:00:00", "dateUpdated": "2024-08-07T16:25:33.559Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2003-0719
Vulnerability from cvelistv5
Published
2004-04-16 04:00
Modified
2024-08-08 02:05
Severity ?
EPSS score ?
Summary
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
References
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093 | vdb-entry, signature, x_refsource_OVAL | |
http://www.securityfocus.com/archive/1/361836 | mailing-list, x_refsource_BUGTRAQ | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011 | vendor-advisory, x_refsource_MS | |
http://www.kb.cert.org/vuls/id/586540 | third-party-advisory, x_refsource_CERT-VN | |
http://www.us-cert.gov/cas/techalerts/TA04-104A.html | third-party-advisory, x_refsource_CERT | |
http://xforce.iss.net/xforce/alerts/id/168 | third-party-advisory, x_refsource_ISS | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:05:12.390Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:1093", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093" }, { "name": "20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/361836" }, { "name": "MS04-011", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "VU#586540", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/586540" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "20040413 Microsoft SSL Library Remote Compromise Vulnerability", "tags": [ "third-party-advisory", "x_refsource_ISS", "x_transferred" ], "url": "http://xforce.iss.net/xforce/alerts/id/168" }, { "name": "oval:org.mitre.oval:def:889", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889" }, { "name": "oval:org.mitre.oval:def:903", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903" }, { "name": "oval:org.mitre.oval:def:951", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:1093", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093" }, { "name": "20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/361836" }, { "name": "MS04-011", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "VU#586540", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/586540" }, { "name": "TA04-104A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "20040413 Microsoft SSL Library Remote Compromise Vulnerability", "tags": [ "third-party-advisory", "x_refsource_ISS" ], "url": "http://xforce.iss.net/xforce/alerts/id/168" }, { "name": "oval:org.mitre.oval:def:889", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889" }, { "name": "oval:org.mitre.oval:def:903", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903" }, { "name": "oval:org.mitre.oval:def:951", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0719", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:1093", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093" }, { "name": "20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/361836" }, { "name": "MS04-011", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "name": "VU#586540", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/586540" }, { "name": "TA04-104A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "name": "20040413 Microsoft SSL Library Remote Compromise Vulnerability", "refsource": "ISS", "url": "http://xforce.iss.net/xforce/alerts/id/168" }, { "name": "oval:org.mitre.oval:def:889", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889" }, { "name": "oval:org.mitre.oval:def:903", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903" }, { "name": "oval:org.mitre.oval:def:951", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0719", "datePublished": "2004-04-16T04:00:00", "dateReserved": "2003-09-02T00:00:00", "dateUpdated": "2024-08-08T02:05:12.390Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-0742
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:28
Severity ?
EPSS score ?
Summary
The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/1544 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/5079 | vdb-entry, x_refsource_XF | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-054 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/templates/archive.pike?list=1&mid=63120 | mailing-list, x_refsource_BUGTRAQ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.316Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1544", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1544" }, { "name": "win-ipx-ping-packet(5079)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5079" }, { "name": "MS00-054", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-054" }, { "name": "20000602 ipx storm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026mid=63120" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-08-03T00:00:00", "descriptions": [ { "lang": "en", "value": "The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the \"Malformed IPX Ping Packet\" vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1544", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1544" }, { "name": "win-ipx-ping-packet(5079)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5079" }, { "name": "MS00-054", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-054" }, { "name": "20000602 ipx storm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026mid=63120" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0742", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the \"Malformed IPX Ping Packet\" vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1544", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1544" }, { "name": "win-ipx-ping-packet(5079)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5079" }, { "name": "MS00-054", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-054" }, { "name": "20000602 ipx storm", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026mid=63120" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0742", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2000-09-19T00:00:00", "dateUpdated": "2024-08-08T05:28:41.316Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-1003
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/5370 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/1794 | vdb-entry, x_refsource_BID | |
http://www.securityfocus.com/archive/1/139511 | mailing-list, x_refsource_BUGTRAQ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:32.402Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "win-netbios-driver-type-dos(5370)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5370" }, { "name": "1794", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1794" }, { "name": "20001012 NSFOCUS SA2000-04: Microsoft Win9x client driver type comparing vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/139511" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-12T00:00:00", "descriptions": [ { "lang": "en", "value": "NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "win-netbios-driver-type-dos(5370)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5370" }, { "name": "1794", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1794" }, { "name": "20001012 NSFOCUS SA2000-04: Microsoft Win9x client driver type comparing vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/139511" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1003", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "win-netbios-driver-type-dos(5370)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5370" }, { "name": "1794", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1794" }, { "name": "20001012 NSFOCUS SA2000-04: Microsoft Win9x client driver type comparing vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/139511" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1003", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:32.402Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-2376
Vulnerability from cvelistv5
Published
2006-06-13 18:00
Modified
2024-08-07 17:51
Severity ?
EPSS score ?
Summary
Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.
References
▼ | URL | Tags |
---|---|---|
http://securityreason.com/securityalert/1094 | third-party-advisory, x_refsource_SREASON | |
http://www.vupen.com/english/advisories/2006/2324 | vdb-entry, x_refsource_VUPEN | |
http://www.osvdb.org/26431 | vdb-entry, x_refsource_OSVDB | |
http://www.us-cert.gov/cas/techalerts/TA06-164A.html | third-party-advisory, x_refsource_CERT | |
http://secunia.com/advisories/20631 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/archive/1/436950/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026 | vendor-advisory, x_refsource_MS | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/26815 | vdb-entry, x_refsource_XF | |
http://securitytracker.com/id?1016286 | vdb-entry, x_refsource_SECTRACK | |
http://www.kb.cert.org/vuls/id/909508 | third-party-advisory, x_refsource_CERT-VN | |
http://www.securityfocus.com/bid/18322 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:51:03.738Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1094", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/1094" }, { "name": "ADV-2006-2324", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2324" }, { "name": "26431", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/26431" }, { "name": "TA06-164A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" }, { "name": "20631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20631" }, { "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded" }, { "name": "MS06-026", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026" }, { "name": "win-gre-wmf-code-execution(26815)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815" }, { "name": "1016286", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016286" }, { "name": "VU#909508", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/909508" }, { "name": "18322", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18322" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "1094", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/1094" }, { "name": "ADV-2006-2324", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2324" }, { "name": "26431", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/26431" }, { "name": "TA06-164A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" }, { "name": "20631", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20631" }, { "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded" }, { "name": "MS06-026", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026" }, { "name": "win-gre-wmf-code-execution(26815)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815" }, { "name": "1016286", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016286" }, { "name": "VU#909508", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/909508" }, { "name": "18322", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18322" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2006-2376", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1094", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1094" }, { "name": "ADV-2006-2324", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2324" }, { "name": "26431", "refsource": "OSVDB", "url": "http://www.osvdb.org/26431" }, { "name": "TA06-164A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" }, { "name": "20631", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20631" }, { "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded" }, { "name": "MS06-026", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026" }, { "name": "win-gre-wmf-code-execution(26815)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815" }, { "name": "1016286", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016286" }, { "name": "VU#909508", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/909508" }, { "name": "18322", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18322" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2006-2376", "datePublished": "2006-06-13T18:00:00", "dateReserved": "2006-05-15T00:00:00", "dateUpdated": "2024-08-07T17:51:03.738Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2002-1257
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
EPSS score ?
Summary
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.
References
▼ | URL | Tags |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/6371 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:19:28.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MS02-069", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069" }, { "name": "6371", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6371" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-12-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-08-04T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MS02-069", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069" }, { "name": "6371", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6371" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1257", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MS02-069", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069" }, { "name": "6371", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6371" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1257", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-11-04T00:00:00", "dateUpdated": "2024-08-08T03:19:28.182Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-1999-1201
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-01 17:02
Severity ?
EPSS score ?
Summary
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.
References
▼ | URL | Tags |
---|---|---|
http://marc.info/?l=ntbugtraq&m=91849617221319&w=2 | mailing-list, x_refsource_NTBUGTRAQ | |
http://www.securityfocus.com/bid/225 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/7542 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:02:53.884Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19990206 New Windows 9x Bug: TCP Chorusing", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=91849617221319\u0026w=2" }, { "name": "225", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/225" }, { "name": "win-multiple-ip-dos(7542)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7542" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-02-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-07-23T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19990206 New Windows 9x Bug: TCP Chorusing", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=91849617221319\u0026w=2" }, { "name": "225", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/225" }, { "name": "win-multiple-ip-dos(7542)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7542" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1201", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19990206 New Windows 9x Bug: TCP Chorusing", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq\u0026m=91849617221319\u0026w=2" }, { "name": "225", "refsource": "BID", "url": "http://www.securityfocus.com/bid/225" }, { "name": "win-multiple-ip-dos(7542)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7542" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1201", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:02:53.884Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-7039
Vulnerability from cvelistv5
Published
2007-02-23 01:00
Modified
2024-08-07 20:50
Severity ?
EPSS score ?
Summary
The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/18462 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/27229 | vdb-entry, x_refsource_XF | |
http://www.vupen.com/english/advisories/2006/2354 | vdb-entry, x_refsource_VUPEN | |
http://secunia.com/advisories/20432 | third-party-advisory, x_refsource_SECUNIA | |
http://www.atrium-software.com/download/McrReadMe_EN.html | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:50:06.281Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "18462", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18462" }, { "name": "mercur-subject-dos(27229)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27229" }, { "name": "ADV-2006-2354", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2354" }, { "name": "20432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20432" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.atrium-software.com/download/McrReadMe_EN.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-10T00:00:00", "descriptions": [ { "lang": "en", "value": "The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "18462", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18462" }, { "name": "mercur-subject-dos(27229)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27229" }, { "name": "ADV-2006-2354", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2354" }, { "name": "20432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20432" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.atrium-software.com/download/McrReadMe_EN.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-7039", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "18462", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18462" }, { "name": "mercur-subject-dos(27229)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27229" }, { "name": "ADV-2006-2354", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2354" }, { "name": "20432", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20432" }, { "name": "http://www.atrium-software.com/download/McrReadMe_EN.html", "refsource": "CONFIRM", "url": "http://www.atrium-software.com/download/McrReadMe_EN.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-7039", "datePublished": "2007-02-23T01:00:00", "dateReserved": "2007-02-22T00:00:00", "dateUpdated": "2024-08-07T20:50:06.281Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2000-1218
Vulnerability from cvelistv5
Published
2005-04-21 04:00
Modified
2024-08-08 05:45
Severity ?
EPSS score ?
Summary
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/4280 | vdb-entry, x_refsource_XF | |
http://www.kb.cert.org/vuls/id/458659 | third-party-advisory, x_refsource_CERT-VN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "win2k-dns-resolver(4280)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4280" }, { "name": "VU#458659", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/458659" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "win2k-dns-resolver(4280)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4280" }, { "name": "VU#458659", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/458659" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1218", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "win2k-dns-resolver(4280)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4280" }, { "name": "VU#458659", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/458659" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1218", "datePublished": "2005-04-21T04:00:00", "dateReserved": "2005-04-21T00:00:00", "dateUpdated": "2024-08-08T05:45:37.389Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0202
Vulnerability from cvelistv5
Published
2004-06-11 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.778Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ms-directx-directplay-dos(16306)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16306" }, { "name": "6742", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6742" }, { "name": "oval:org.mitre.oval:def:2413", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2413" }, { "name": "MS04-016", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-016" }, { "name": "oval:org.mitre.oval:def:2516", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2516" }, { "name": "oval:org.mitre.oval:def:2190", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2190" }, { "name": "oval:org.mitre.oval:def:1027", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1027" }, { "name": "oval:org.mitre.oval:def:2705", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2705" }, { "name": "10487", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10487" }, { "name": "11802", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11802" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-08T00:00:00", "descriptions": [ { "lang": "en", "value": "IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ms-directx-directplay-dos(16306)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16306" }, { "name": "6742", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6742" }, { "name": "oval:org.mitre.oval:def:2413", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2413" }, { "name": "MS04-016", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-016" }, { "name": "oval:org.mitre.oval:def:2516", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2516" }, { "name": "oval:org.mitre.oval:def:2190", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2190" }, { "name": "oval:org.mitre.oval:def:1027", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1027" }, { "name": "oval:org.mitre.oval:def:2705", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2705" }, { "name": "10487", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10487" }, { "name": "11802", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11802" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0202", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ms-directx-directplay-dos(16306)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16306" }, { "name": "6742", "refsource": "OSVDB", "url": "http://www.osvdb.org/6742" }, { "name": "oval:org.mitre.oval:def:2413", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2413" }, { "name": "MS04-016", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-016" }, { "name": "oval:org.mitre.oval:def:2516", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2516" }, { "name": "oval:org.mitre.oval:def:2190", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2190" }, { "name": "oval:org.mitre.oval:def:1027", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1027" }, { "name": "oval:org.mitre.oval:def:2705", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2705" }, { "name": "10487", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10487" }, { "name": "11802", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11802" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0202", "datePublished": "2004-06-11T04:00:00", "dateReserved": "2004-03-11T00:00:00", "dateUpdated": "2024-08-08T00:10:03.778Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2001-0721
Vulnerability from cvelistv5
Published
2001-11-22 05:00
Modified
2024-08-08 04:30
Severity ?
EPSS score ?
Summary
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request.
References
▼ | URL | Tags |
---|---|---|
http://marc.info/?l=bugtraq&m=100528449024158&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://marc.info/?l=bugtraq&m=100467787323377&w=2 | mailing-list, x_refsource_BUGTRAQ | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-054 | vendor-advisory, x_refsource_MS |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:06.054Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20011109 Important Information Regarding MS01-054 and WindowsME", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=100528449024158\u0026w=2" }, { "name": "20011101 Three Windows XP UPNP DOS attacks", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=100467787323377\u0026w=2" }, { "name": "MS01-054", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-054" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20011109 Important Information Regarding MS01-054 and WindowsME", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=100528449024158\u0026w=2" }, { "name": "20011101 Three Windows XP UPNP DOS attacks", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=100467787323377\u0026w=2" }, { "name": "MS01-054", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-054" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0721", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20011109 Important Information Regarding MS01-054 and WindowsME", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=100528449024158\u0026w=2" }, { "name": "20011101 Three Windows XP UPNP DOS attacks", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=100467787323377\u0026w=2" }, { "name": "MS01-054", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-054" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0721", "datePublished": "2001-11-22T05:00:00", "dateReserved": "2001-09-27T00:00:00", "dateUpdated": "2024-08-08T04:30:06.054Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-0020
Vulnerability from cvelistv5
Published
2006-01-10 21:00
Modified
2024-08-07 16:18
Severity ?
EPSS score ?
Summary
An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability."
References
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638 | vdb-entry, signature, x_refsource_OVAL | |
http://www.osvdb.org/22976 | vdb-entry, x_refsource_OSVDB | |
http://secunia.com/advisories/18912 | third-party-advisory, x_refsource_SECUNIA | |
http://linuxbox.org/pipermail/funsec/2006-January/002828.html | mailing-list, x_refsource_MLIST | |
http://secunia.com/advisories/18729 | third-party-advisory, x_refsource_SECUNIA | |
http://www.microsoft.com/technet/security/advisory/913333.mspx | x_refsource_CONFIRM | |
http://www.kb.cert.org/vuls/id/312956 | third-party-advisory, x_refsource_CERT-VN | |
http://www.vupen.com/english/advisories/2006/0469 | vdb-entry, x_refsource_VUPEN | |
http://www.us-cert.gov/cas/techalerts/TA06-045A.html | third-party-advisory, x_refsource_CERT | |
http://www.securityfocus.com/bid/16516 | vdb-entry, x_refsource_BID | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004 | vendor-advisory, x_refsource_MS |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:18:20.734Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:1638", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638" }, { "name": "22976", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/22976" }, { "name": "18912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18912" }, { "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html" }, { "name": "18729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18729" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx" }, { "name": "VU#312956", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/312956" }, { "name": "ADV-2006-0469", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0469" }, { "name": "TA06-045A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html" }, { "name": "16516", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16516" }, { "name": "MS06-004", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka \"WMF Image Parsing Memory Corruption Vulnerability.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "oval:org.mitre.oval:def:1638", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638" }, { "name": "22976", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/22976" }, { "name": "18912", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18912" }, { "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html" }, { "name": "18729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18729" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx" }, { "name": "VU#312956", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/312956" }, { "name": "ADV-2006-0469", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0469" }, { "name": "TA06-045A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html" }, { "name": "16516", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16516" }, { "name": "MS06-004", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2006-0020", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka \"WMF Image Parsing Memory Corruption Vulnerability.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:1638", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638" }, { "name": "22976", "refsource": "OSVDB", "url": "http://www.osvdb.org/22976" }, { "name": "18912", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18912" }, { "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch", "refsource": "MLIST", "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html" }, { "name": "18729", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18729" }, { "name": "http://www.microsoft.com/technet/security/advisory/913333.mspx", "refsource": "CONFIRM", "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx" }, { "name": "VU#312956", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/312956" }, { "name": "ADV-2006-0469", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0469" }, { "name": "TA06-045A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html" }, { "name": "16516", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16516" }, { "name": "MS06-004", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2006-0020", "datePublished": "2006-01-10T21:00:00", "dateReserved": "2005-11-30T00:00:00", "dateUpdated": "2024-08-07T16:18:20.734Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-7031
Vulnerability from cvelistv5
Published
2007-02-23 01:00
Modified
2025-01-17 14:15
Severity ?
EPSS score ?
Summary
Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/1775 | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/17932 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:50:05.924Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1775", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/1775" }, { "name": "17932", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/17932" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2006-7031", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-17T14:14:57.136935Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-17T14:15:00.544Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-05-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an \"unhandled exception\" in mshtml.dll." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1775", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/1775" }, { "name": "17932", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/17932" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-7031", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an \"unhandled exception\" in mshtml.dll." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1775", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/1775" }, { "name": "17932", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17932" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-7031", "datePublished": "2007-02-23T01:00:00", "dateReserved": "2007-02-22T00:00:00", "dateUpdated": "2025-01-17T14:15:00.544Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-1319
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:46:12.504Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "13482", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/13482/" }, { "name": "ie-dhtml-xss(18504)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18504" }, { "name": "TA05-039A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://freehost07.websamba.com/greyhats/abusiveparent-discussion.htm" }, { "name": "oval:org.mitre.oval:def:3851", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3851" }, { "name": "11950", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11950" }, { "name": "oval:org.mitre.oval:def:1114", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1114" }, { "name": "oval:org.mitre.oval:def:3464", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3464" }, { "name": "MS05-013", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-013" }, { "name": "20041215 MSIE DHTML Edit Control Cross Site Scripting Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html" }, { "name": "oval:org.mitre.oval:def:4758", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4758" }, { "name": "VU#356600", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/356600" }, { "name": "oval:org.mitre.oval:def:1701", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1701" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by \"AbusiveParent\" in Internet Explorer 6.0.2900.2180." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "13482", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/13482/" }, { "name": "ie-dhtml-xss(18504)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18504" }, { "name": "TA05-039A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://freehost07.websamba.com/greyhats/abusiveparent-discussion.htm" }, { "name": "oval:org.mitre.oval:def:3851", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3851" }, { "name": "11950", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11950" }, { "name": "oval:org.mitre.oval:def:1114", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1114" }, { "name": "oval:org.mitre.oval:def:3464", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3464" }, { "name": "MS05-013", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-013" }, { "name": "20041215 MSIE DHTML Edit Control Cross Site Scripting Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html" }, { "name": "oval:org.mitre.oval:def:4758", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4758" }, { "name": "VU#356600", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/356600" }, { "name": "oval:org.mitre.oval:def:1701", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1701" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1319", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by \"AbusiveParent\" in Internet Explorer 6.0.2900.2180." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "13482", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/13482/" }, { "name": "ie-dhtml-xss(18504)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18504" }, { "name": "TA05-039A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "name": "http://freehost07.websamba.com/greyhats/abusiveparent-discussion.htm", "refsource": "MISC", "url": "http://freehost07.websamba.com/greyhats/abusiveparent-discussion.htm" }, { "name": "oval:org.mitre.oval:def:3851", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3851" }, { "name": "11950", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11950" }, { "name": "oval:org.mitre.oval:def:1114", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1114" }, { "name": "oval:org.mitre.oval:def:3464", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3464" }, { "name": "MS05-013", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-013" }, { "name": "20041215 MSIE DHTML Edit Control Cross Site Scripting Vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html" }, { "name": "oval:org.mitre.oval:def:4758", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4758" }, { "name": "VU#356600", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/356600" }, { "name": "oval:org.mitre.oval:def:1701", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1701" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1319", "datePublished": "2005-01-06T05:00:00", "dateReserved": "2005-01-06T00:00:00", "dateUpdated": "2024-08-08T00:46:12.504Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-1999-1254
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
EPSS score ?
Summary
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/1947 | vdb-entry, x_refsource_XF | |
http://marc.info/?l=ntbugtraq&m=92099515709467&w=2 | mailing-list, x_refsource_NTBUGTRAQ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:02:53.955Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "win-redirects-freeze(1947)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1947" }, { "name": "19990308 Winfreeze EXPLOIT Win9x/NT", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=92099515709467\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-03-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "win-redirects-freeze(1947)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1947" }, { "name": "19990308 Winfreeze EXPLOIT Win9x/NT", "tags": [ "mailing-list", "x_refsource_NTBUGTRAQ" ], "url": "http://marc.info/?l=ntbugtraq\u0026m=92099515709467\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1254", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "win-redirects-freeze(1947)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1947" }, { "name": "19990308 Winfreeze EXPLOIT Win9x/NT", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq\u0026m=92099515709467\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1254", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:02:53.955Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2002-1183
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
EPSS score ?
Summary
Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/9776 | vdb-entry, x_refsource_XF | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/5410 | vdb-entry, x_refsource_BID | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2108 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1455 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1059 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:19:27.750Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ssl-ca-certificate-spoofing(9776)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776" }, { "name": "MS02-050", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050" }, { "name": "5410", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/5410" }, { "name": "oval:org.mitre.oval:def:2108", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2108" }, { "name": "oval:org.mitre.oval:def:1455", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1455" }, { "name": "oval:org.mitre.oval:def:1059", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1059" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-11-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka \"New Variant of Certificate Validation Flaw Could Enable Identity Spoofing\" (CAN-2002-0862)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2006-11-01T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ssl-ca-certificate-spoofing(9776)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776" }, { "name": "MS02-050", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050" }, { "name": "5410", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/5410" }, { "name": "oval:org.mitre.oval:def:2108", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2108" }, { "name": "oval:org.mitre.oval:def:1455", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1455" }, { "name": "oval:org.mitre.oval:def:1059", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1059" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1183", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka \"New Variant of Certificate Validation Flaw Could Enable Identity Spoofing\" (CAN-2002-0862)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ssl-ca-certificate-spoofing(9776)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9776" }, { "name": "MS02-050", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-050" }, { "name": "5410", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5410" }, { "name": "oval:org.mitre.oval:def:2108", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2108" }, { "name": "oval:org.mitre.oval:def:1455", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1455" }, { "name": "oval:org.mitre.oval:def:1059", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1059" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1183", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-10-04T00:00:00", "dateUpdated": "2024-08-08T03:19:27.750Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-1313
Vulnerability from cvelistv5
Published
2006-06-13 19:00
Modified
2024-08-07 17:03
Severity ?
EPSS score ?
Summary
Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:03:29.012Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:1785", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785" }, { "name": "oval:org.mitre.oval:def:1644", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644" }, { "name": "1016283", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016283" }, { "name": "ms-jscript-code-execution(26805)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805" }, { "name": "ADV-2006-2321", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/2321" }, { "name": "TA06-164A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" }, { "name": "oval:org.mitre.oval:def:1067", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067" }, { "name": "VU#390044", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/390044" }, { "name": "26434", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/26434" }, { "name": "MS06-023", "tags": [ "vendor-advisory", "x_refsource_MS", "x_transferred" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023" }, { "name": "18359", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18359" }, { "name": "oval:org.mitre.oval:def:2003", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003" }, { "name": "20620", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20620" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will \"release objects early\" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "oval:org.mitre.oval:def:1785", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785" }, { "name": "oval:org.mitre.oval:def:1644", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644" }, { "name": "1016283", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016283" }, { "name": "ms-jscript-code-execution(26805)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805" }, { "name": "ADV-2006-2321", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/2321" }, { "name": "TA06-164A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" }, { "name": "oval:org.mitre.oval:def:1067", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067" }, { "name": "VU#390044", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/390044" }, { "name": "26434", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/26434" }, { "name": "MS06-023", "tags": [ "vendor-advisory", "x_refsource_MS" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023" }, { "name": "18359", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18359" }, { "name": "oval:org.mitre.oval:def:2003", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003" }, { "name": "20620", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20620" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2006-1313", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will \"release objects early\" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:1785", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785" }, { "name": "oval:org.mitre.oval:def:1644", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644" }, { "name": "1016283", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016283" }, { "name": "ms-jscript-code-execution(26805)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805" }, { "name": "ADV-2006-2321", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2321" }, { "name": "TA06-164A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" }, { "name": "oval:org.mitre.oval:def:1067", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067" }, { "name": "VU#390044", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/390044" }, { "name": "26434", "refsource": "OSVDB", "url": "http://www.osvdb.org/26434" }, { "name": "MS06-023", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023" }, { "name": "18359", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18359" }, { "name": "oval:org.mitre.oval:def:2003", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003" }, { "name": "20620", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20620" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2006-1313", "datePublished": "2006-06-13T19:00:00", "dateReserved": "2006-03-20T00:00:00", "dateUpdated": "2024-08-07T17:03:29.012Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-0010
Vulnerability from cvelistv5
Published
2006-01-10 22:00
Modified
2024-08-07 16:18
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.
References
Impacted products
Vendor | Product | Version |
---|