Vulnerabilites related to microsoft - windows_xp
Vulnerability from fkie_nvd
Published
2009-06-10 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka "Windows Driver Class Registration Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | sp2 | |
microsoft | windows_server_2008 | sp2 | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:x32:*:*:*:*:*:*", "matchCriteriaId": "9517571A-BC1A-4838-A094-30081A86D36C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:sp2:x64:*:*:*:*:*:*", "matchCriteriaId": "CD7CA7F0-9C4D-4172-91BD-90A8C86EE337", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka \"Windows Driver Class Registration Vulnerability.\"" }, { "lang": "es", "value": "The kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2, no valida adecuadamente un argumento de una llamada de sistema inespec\u00edfica, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, tambi\u00e9n conocido como \"Vulnerabilidad de Registro de Clase de Driver de Windows\"." } ], "id": "CVE-2009-1125", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-06-10T18:30:00.360", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/54942" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/35372" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/35240" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022359" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/1544" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5912" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/54942" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/35240" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022359" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1544" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5912" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-11-14 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka "Code Access Security Info Disclosure Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | .net_framework | 2.0 | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - | |
microsoft | .net_framework | 3.5.1 | |
microsoft | windows_7 | * | |
microsoft | windows_7 | * | |
microsoft | windows_7 | * | |
microsoft | windows_7 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*", "matchCriteriaId": "A2C3594F-7C2C-4E2D-9BC5-F4F89B7BF4D5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*", "matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka \"Code Access Security Info Disclosure Vulnerability.\"" }, { "lang": "es", "value": "Microsoft .NET Framework 2.0 SP2 y v3.5.1 no consideran de forma adecuada los niveles de seguridad durante la construccion de los datos de salida, lo que permite a atacantes remotos para obtener informaci\u00f3n sensible a trav\u00e9s de (1) una aplicaci\u00f3n manipulada para un navegador XAML (tamb\u00eden conocido como XBAP) o (2) una aplicaci\u00f3n .NET Framework manipulada, tamb\u00eden conocido como \"Code Access Security Info Disclosure Vulnerability.\"" } ], "id": "CVE-2012-1896", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-11-14T00:55:01.420", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/51236" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/56456" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1027753" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-318A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-074" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15785" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/51236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/56456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027753" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-318A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15785" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-11 19:30
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document." }, { "lang": "es", "value": "Webkit en Apple Safari anterior a v5.0 en MAc OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, accede a la memoria fuera de rango durante el prcesamiento de talas HTML, lo cu\u00e1l permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n o causar una denegaci\u00f3n del servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de documentos HTML manipulados." } ], "id": "CVE-2010-1774", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-06-11T19:30:23.753", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/40196" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://securitytracker.com/id?1024067" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4220" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4225" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59218" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7476" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/40196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1024067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59218" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7476" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-01-13 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka "Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka \"Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de enteros en el motor de fuente de Embedded OpenType (EOT) (t2embed.dll) en Microsoft Windows 2000 SP4; Windows XP SP2 y SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1 y SP2; Windows Server 2008 Gold, SP2 y R2; y Windows 7 permite que los atacantes remotos ejecuten c\u00f3digo arbitrario por medio de datos comprimidos que representan una fuente EOT creada, tambi\u00e9n conocida como \"Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability.\"" } ], "evaluatorComment": "Per: http://www.microsoft.com/technet/security/Bulletin/MS10-001.mspx\r\n\r\n\r\nThis security update is rated Critical for Microsoft Windows 2000, and is rated Low for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. For more information, see the subsection, Affected and Non-Affected Software, in this section.", "id": "CVE-2010-0018", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-01-13T19:30:00.640", "references": [ { "source": "secure@microsoft.com", "url": "http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx" }, { "source": "secure@microsoft.com", "url": "http://osvdb.org/61651" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35457" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/37671" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1023432" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-012B.html" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/0095" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-001" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/61651" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37671" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1023432" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-012B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/0095" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8324" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-04-23 13:05
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.
References
▼ | URL | Tags | |
---|---|---|---|
cret@cert.org | http://osvdb.org/44652 | Broken Link | |
cret@cert.org | http://www.kb.cert.org/vuls/id/570089 | Third Party Advisory, US Government Resource | |
cret@cert.org | http://www.securityfocus.com/bid/28882 | Third Party Advisory, VDB Entry | |
cret@cert.org | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069 | ||
cret@cert.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41940 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/44652 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/570089 | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28882 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41940 | Third Party Advisory, VDB Entry |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "43D64F8D-975A-4A5B-BEDF-D27D65C96A29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*", "matchCriteriaId": "72CC2D03-538A-4603-B4FF-C6930F9D7E20", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:itanium:*", "matchCriteriaId": "9F98AE07-3995-4501-9804-FEA5A87ADFAD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "A7371547-290D-4D0D-B98D-CA28B4D2E8B0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:professional:*:x64:*", "matchCriteriaId": "18420EC8-633E-4AED-B33F-5A3C673C396D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "43D64F8D-975A-4A5B-BEDF-D27D65C96A29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*", "matchCriteriaId": "72CC2D03-538A-4603-B4FF-C6930F9D7E20", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:itanium:*", "matchCriteriaId": "9F98AE07-3995-4501-9804-FEA5A87ADFAD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "A7371547-290D-4D0D-B98D-CA28B4D2E8B0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*", "matchCriteriaId": "51160A46-6768-44D5-89CD-6DB9D2268A2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:professional:*:*:*:x64:*", "matchCriteriaId": "39DC2489-8FB9-4301-A966-268DE7D0A503", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:professional:*:*:*:x64:*", "matchCriteriaId": "C551BCF9-358A-46F5-8592-E309D3EBC5F3", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en el control ActiveX Microsoft HeartbeatCtl en HRTBEAT.OCX permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s del argumento Host en un m\u00e9todo no especificado." } ], "id": "CVE-2007-6255", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-04-23T13:05:00.000", "references": [ { "source": "cret@cert.org", "tags": [ "Broken Link" ], "url": "http://osvdb.org/44652" }, { "source": "cret@cert.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/570089" }, { "source": "cret@cert.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/28882" }, { "source": "cret@cert.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069" }, { "source": "cret@cert.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://osvdb.org/44652" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/570089" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/28882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41940" } ], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-11-12 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C9B9BE3-6F83-469E-834F-3E00CFECD8E2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "73052210-0B42-46AA-9F28-AAE3E9B6DE87", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4170FCB7-274C-4318-B7A1-8F18DE604A2D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "ABBA5D64-4184-4420-B7D0-A4E41359AA5A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:xml_core_services:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9B91A0AA-44C0-4ED8-A7AC-54C9C83FFEFE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*", "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*", "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:groove:2007:*:*:*:*:*:*:*", "matchCriteriaId": "355F60DB-EC9A-4054-8023-BD16D5723C9F", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:*:*:*:*:*:*:*", "matchCriteriaId": "53DC2480-5B8D-4E96-BD54-17561B1FFE7F", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C0BBD1BF-B54F-41C7-AB52-0B93E647C98D", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "B4B148CC-6C58-411B-8503-01F3BE1D5906", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2007:*:*:*:*:*:*:*", "matchCriteriaId": "864B622E-B522-4791-AC82-0711130544BA", "vulnerable": false }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "CF3C2971-447B-4054-86C6-3169B82E525B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka \"MSXML Header Request Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de dominios cruzados en Microsoft XML Core Services v3.0 hasta v6.0, como el que se utiliza en Microsoft Expression Web, Office, Internet Explorer y otros productos; permite a atacantes remotos obtener informaci\u00f3n sensible de otro dominio y corromper el estado de la sesi\u00f3n a trav\u00e9s de solicitudes de campos de cabecera HTTP, como se ha demostrado con el campo Transfer-Encoding. Tambi\u00e9n se conoce como \"Vulnerabilidad de la solicitud de la cabecera MSXML\"." } ], "id": "CVE-2008-4033", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-11-12T23:30:02.727", "references": [ { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://securitytracker.com/id?1021164" }, { "source": "secure@microsoft.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/32204" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/3111" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=122703006921213\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1021164" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/32204" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/3111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:home:*:*:*:*:*", "matchCriteriaId": "A1B0FA50-529D-4D33-9B6E-F32AF0A8FD90", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*", "matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:home:*:*:*:*:*", "matchCriteriaId": "A1B0FA50-529D-4D33-9B6E-F32AF0A8FD90", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*", "matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka \"HTML Component Handling Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v5.01 SP4, v6, v6 SP1, v7, y v8 no gestiona adecuadamente la validaci\u00f3n de argumentos para un n\u00famero de variables sin especificar lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documentos HTML manipulado, tambi\u00e9n conocido como \"Vulnerabilidad de gesti\u00f3n de componentes HTML\"." } ], "id": "CVE-2009-2529", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2009-10-14T10:30:01.733", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-054" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6419" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6419" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2007-10-09 22:17
Modified
2025-04-09 00:30
Severity ?
Summary
rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:professional:*:*:*:*:*", "matchCriteriaId": "CC5A2998-AFD9-4AD3-BC47-E653345323AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak." }, { "lang": "es", "value": "En la biblioteca rpcrt4.dll (tambi\u00e9n conocida como la biblioteca de tiempo de ejecuci\u00f3n RPC) en Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 y SP2, Server 2003 x64 Edition y x64 Edition SP2, y Vista y Vista x64 Edition permiten que los atacantes remotos causar una denegaci\u00f3n de servicio (RPCSS servicio de parada y reinicio del sistema) por medio de una petici\u00f3n RPC que utiliza la autenticaci\u00f3n NTLMSSP PACKET con una firma de remolque de verificaci\u00f3n de valor cero, que conlleva una desreferencia no v\u00e1lida. NOTA: esto tambi\u00e9n afecta a Windows 2000 SP4, aunque el impacto es un filtrado de informaci\u00f3n." } ], "id": "CVE-2007-2228", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-10-09T22:17:00.000", "references": [ { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27134" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27153" }, { "source": "secure@microsoft.com", "url": "http://securitytracker.com/id?1018787" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/482023/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/25974" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3438" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27134" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27153" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018787" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/482023/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25974" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-11-07 23:46
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F7B1883-C89D-4731-B2B5-9C73E9A0672D", "versionEndIncluding": "7.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en Apple QuickTime anterior a 7.3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una longitud de c\u00f3digo de operaci\u00f3n (opcode) UncompressedQuickTimeData inv\u00e1lida en una imagen PICT." } ], "id": "CVE-2007-4672", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-11-07T23:46:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=306896" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://osvdb.org/38547" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27523" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3350" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483314/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26344" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018894" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/3723" }, { "source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-068.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38279" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=306896" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/38547" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27523" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3350" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483314/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26344" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3723" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-068.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38279" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-04-16 19:15
Modified
2024-11-21 05:37
Severity ?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
References
▼ | URL | Tags | |
---|---|---|---|
cybersecurity@se.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 | Third Party Advisory, US Government Resource | |
cybersecurity@se.com | https://www.se.com/ww/en/download/document/SESB-2020-105-01 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.se.com/ww/en/download/document/SESB-2020-105-01 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
schneider-electric | tristation_1131 | * | |
schneider-electric | tristation_1131 | 4.10.0 | |
schneider-electric | tristation_1131 | 4.12.0 | |
microsoft | windows_7 | - | |
microsoft | windows_nt | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:schneider-electric:tristation_1131:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF85A1C1-5867-486A-8E17-36C83324329A", "versionEndIncluding": "4.9.0", "versionStartIncluding": "1.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:schneider-electric:tristation_1131:4.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA77BE7C-A96A-460E-ABCE-7B578B8827D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:schneider-electric:tristation_1131:4.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "325A4334-FF06-4F8A-9C3E-D2F37D32D8D9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:-:*:*:*:*:*:*:*", "matchCriteriaId": "46E2D695-54F5-4D3E-B1F8-CABE51AE6064", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1" }, { "lang": "es", "value": "**VERSI\u00d3N NO COMPATIBLE CUANDO SE ASIGN\u00d3** Una cuenta de soporte heredada en la versi\u00f3n v4.9.0 y anteriores del software TriStation podr\u00eda causar un acceso inapropiado a la m\u00e1quina host de TriStation. Esto fue abordado en TriStation versiones v4.9.1 y v4.10.1 publicadas en May 30, 2013.1" } ], "id": "CVE-2020-7485", "lastModified": "2024-11-21T05:37:14.350", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-04-16T19:15:34.777", "references": [ { "source": "cybersecurity@se.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01" }, { "source": "cybersecurity@se.com", "tags": [ "Vendor Advisory" ], "url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01" } ], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-15 08:00
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*", "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:32_bit:*:*:*:*:*", "matchCriteriaId": "C4BFF042-5C0B-482A-915B-3B9A267D2D96", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*", "matchCriteriaId": "1D12423F-FCCD-4F4C-9037-7607C1F1F99E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka \"Uninitialized Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 6 SP1, 6 y 7 en Windows XP SP2 y SP3, 6 y 7 en Windows Server 2003 SP1 y SP2, 7 en Windows Vista Gold y SP1, y 7 en Windows Server 2008 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una p\u00e1gina web que dispara la presencia de un objeto en memoria que (1) no fue inicializado adecuadamente o (2) borrado, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de memoria no inicializada\"." } ], "id": "CVE-2009-0553", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-04-15T08:00:00.670", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/53626" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/34678" }, { "source": "secure@microsoft.com", "tags": [ "URL Repurposed" ], "url": "http://skypher.com/index.php/2009/04/19/ms09-014-embed-element-memory-corruption/" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/34424" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022042" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/1028" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/53626" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34678" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "URL Repurposed" ], "url": "http://skypher.com/index.php/2009/04/19/ms09-014-embed-element-memory-corruption/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34424" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6069" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-11-29 21:03
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | 64-bit | |
microsoft | windows_2003_server | itanium | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*", "matchCriteriaId": "330B6798-5380-44AD-9B52-DF5955FA832C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "D2CA1674-A8A0-479A-9D80-344D3C563A24", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:*", "matchCriteriaId": "0808041A-CE1A-433A-9C2B-019097CCFB0C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*", "matchCriteriaId": "7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to \"An unchecked buffer\" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka \"Windows Metafile Vulnerability.\"" } ], "id": "CVE-2005-2124", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2005-11-29T21:03:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/17223" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/17461" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/17498" }, { "source": "secure@microsoft.com", "url": "http://securityreason.com/securityalert/161" }, { "source": "secure@microsoft.com", "url": "http://securitytracker.com/id?1015168" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf" }, { "source": "secure@microsoft.com", "url": "http://www.eeye.com/html/research/advisories/AD20051108a.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.eeye.com/html/research/advisories/AD20051108b.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/433341" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/15356" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-312A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2005/2348" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17461" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17498" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.eeye.com/html/research/advisories/AD20051108a.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.eeye.com/html/research/advisories/AD20051108b.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/433341" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15356" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-312A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2348" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-12-16 19:33
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | internet_explorer | 8 | |
microsoft | windows_7 | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_vista | - | |
microsoft | windows_vista | - | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"HTML Element Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 8 no maneja correctamente objetos en memoria, permitiendo a atacantes remotos ejecutar c\u00f3digo arbitrario mediante el acceso a un objeto que (1) no se ha iniciado correctamente o (2) se ha eliminado, lo que genera una corrupci\u00f3n de memoria, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de Memoria en un elemento HTML\"." } ], "id": "CVE-2010-3345", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-12-16T19:33:02.457", "references": [ { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1024872" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090" }, { "source": "secure@microsoft.com", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11849" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1024872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11849" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-908" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-07-13 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka \"Win32k Use After Free Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en win32k.sys en los controladores de modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, Service Pack 2, R2 y R2 SP1, y Windows 7 Gold SP1, permite a atacantes locales producir una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario mediante una aplicaci\u00f3n manipulada que aprovecha la gesti\u00f3n incorrecta objeto controlador, una vulnerabilidad diferente a los CVE enumerados en MS11-054, tambi\u00e9n conocido como \" Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en win32k.sys\".\r\n" } ], "id": "CVE-2011-1882", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-07-13T23:55:01.257", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/73782" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/45186" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100144947" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/48594" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025761" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-193A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-054" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12738" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/73782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/45186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100144947" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/48594" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025761" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-193A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12738" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a \"vulnerable binary\" to load and run, aka \"Memory Corruption in Indexing Service Vulnerability.\"" }, { "lang": "es", "value": "Cierto control ActiveX en el servicio de indexado de Microsoft Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP2 no procesa adecuadamente las URLs, lo que permite a atacantes remotos ejecutar programas de forma arbitraria a trav\u00e9s de vectores sin especificar que producen un \"binario vulnerable\" para cargar y ejecutar, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de memoria en el servicio de indexado\"." } ], "id": "CVE-2009-2507", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-10-14T10:30:01.453", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-057" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6042" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-10-21 18:02
Modified
2025-04-03 01:03
Severity ?
Summary
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118." } ], "id": "CVE-2005-2122", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-10-21T18:02:00.000", "references": [ { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17168" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17172" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17223" }, { "source": "secure@microsoft.com", "url": "http://securitytracker.com/id?1015040" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.argeniss.com/research/MSBugPaper.pdf" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/922708" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/15069" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-284A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-049" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1329" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1488" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1517" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1537" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1551" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17172" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/17223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.argeniss.com/research/MSBugPaper.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/922708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-284A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1488" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1537" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1551" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A708" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "EAB2E520-56D9-4B3F-99BA-EBC04AC30E4F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*", "matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "EEAFE154-7058-40A1-9806-22476A7DF0BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "394F16B8-C29F-445A-AA47-AA82F78CFA20", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "A2A2852D-64BE-40B1-8811-02EBDC1E044E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*", "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*", "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*", "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*", "matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*", "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*", "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*", "matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*", "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*", "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*", "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*", "matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*", "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*", "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*", "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*", "matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*", "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*", "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*", "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*", "matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*", "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*", "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*", "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*", "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*", "matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*", "matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*", "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow." } ], "id": "CVE-2004-1361", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110383690219440\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/12091" }, { "source": "cve@mitre.org", "url": "http://www.xfocus.net/flashsky/icoExp/" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18678" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110383690219440\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/12091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.xfocus.net/flashsky/icoExp/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18678" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-08-25 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Race condition in Prevx 3.0.5.143 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
prevx | prevx | 3.0.5.143 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:prevx:prevx:3.0.5.143:*:*:*:*:*:*:*", "matchCriteriaId": "61D145FE-D57C-435A-89DC-1D200EEAB41B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "Race condition in Prevx 3.0.5.143 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute" }, { "lang": "es", "value": "** EN DISPUTA ** Condici\u00f3n de carrera en Prevx v3.0.5.143 sobre Windows XP permite a usuarios locales evitar manejadores de kernel-mode hook, y ejecutar c\u00f3digo malicioso que podr\u00eda ser bloquedo por un manejador pero no por un detector de malware signature-based, a trav\u00e9s de ciertos cambios en memoria user-space durante la ejecuci\u00f3n de hook-handler , tambi\u00e9n conocido por argument-switch attack o ataque KHOBE. Nota: este problema est\u00e1 en disputa por terceras partes." } ], "id": "CVE-2010-5174", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-08-25T21:55:03.493", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" }, { "source": "cve@mitre.org", "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" }, { "source": "cve@mitre.org", "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "cve@mitre.org", "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "cve@mitre.org", "url": "http://www.f-secure.com/weblog/archives/00001949.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/67660" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/39924" }, { "source": "cve@mitre.org", "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.f-secure.com/weblog/archives/00001949.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/67660" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/39924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-09-29 20:09
Modified
2025-04-09 00:30
Severity ?
Summary
The user interface event dispatcher in Mozilla Firefox 3.0.3 on Windows XP SP2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a series of keypress, click, onkeydown, onkeyup, onmousedown, and onmouseup events. NOTE: it was later reported that Firefox 3.0.2 on Mac OS X 10.5 is also affected.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | 3.0.3 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The user interface event dispatcher in Mozilla Firefox 3.0.3 on Windows XP SP2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a series of keypress, click, onkeydown, onkeyup, onmousedown, and onmouseup events. NOTE: it was later reported that Firefox 3.0.2 on Mac OS X 10.5 is also affected." }, { "lang": "es", "value": "El despachador de eventos de la interfaz de usuario en Mozilla Firefox versi\u00f3n 3.0.3, en Windows XP SP2, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (desreferencia del puntero NULL y bloqueo de aplicaci\u00f3n) por medio de una serie de eventos de keypress, click, onkeydown, onkeyup, onmousedown, y onmouseup. NOTA: m\u00e1s tarde se report\u00f3 que Firefox versi\u00f3n 3.0.2 en Mac OS X versi\u00f3n 10.5 tambi\u00e9n est\u00e1 afectado." } ], "id": "CVE-2008-4324", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-09-29T20:09:59.687", "references": [ { "source": "cve@mitre.org", "url": "http://evilfingers.com/advisory/Firefox_User_Interface_Null_Pointer_Dereference_Dispatcher_Crash_n_Remote_DoS.php" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/32040" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://securityreason.com/securityalert/4321" }, { "source": "cve@mitre.org", "url": "http://www.secniche.org/moz303.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.secniche.org/moz303/index.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/496807/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/496846/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/31476" }, { "source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/6614" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://evilfingers.com/advisory/Firefox_User_Interface_Null_Pointer_Dereference_Dispatcher_Crash_n_Remote_DoS.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/32040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://securityreason.com/securityalert/4321" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.secniche.org/moz303.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.secniche.org/moz303/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/496807/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/496846/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/31476" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/6614" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-01-12 01:00
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*", "matchCriteriaId": "036C836C-6387-4DAC-96B2-94C979D236E8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:data_access_components:2.8:sp2:*:*:*:*:*:*", "matchCriteriaId": "6182A820-5DF9-4ABF-9E5A-DC9EE8F98E37", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_data_access_components:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E3248539-0206-414E-9EAB-2DE8FFF5A52C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka \"ADO Record Memory Vulnerability.\" NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118." }, { "lang": "es", "value": "Microsoft Data Access Components (MDAC) versi\u00f3n 2.8 SP1 y SP2 y Windows Data Access Components (WDAC) versi\u00f3n 6.0 no valida apropiadamente la asignaci\u00f3n de memoria para las estructuras de datos internas, lo que permite a los atacantes remotos ejecutar c\u00f3digo arbitrario, posiblemente por medio de una propiedad CacheSize larga que desencadena un ajuste de enteros y un desbordamiento del b\u00fafer, tambi\u00e9n se conoce como \"ADO Record Memory Vulnerability\" Nota: este CVE podr\u00eda ser un duplicado de CVE-2010-1117 o CVE-2010-1118." } ], "id": "CVE-2011-0027", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-01-12T01:00:01.887", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/70444" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/42804" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100124846" }, { "source": "secure@microsoft.com", "url": "http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/45698" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1024947" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-011A.html" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0075" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-002/" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/70444" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/42804" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100124846" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/45698" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024947" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-011A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-10-13 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitrary code via a crafted HTML document that triggers unspecified messages from this viewer, aka "Comctl32 Heap Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitrary code via a crafted HTML document that triggers unspecified messages from this viewer, aka \"Comctl32 Heap Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica Comctl32.dll (tambi\u00e9n conocido como librer\u00eda de control com\u00fan) en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, y R2, y Windows 7, cuando se usa el programa SVG viewer, permite atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de documentos HTML manipulados que desemboca en mensajes no especificados desde este visor, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento din\u00e1mico en Comct132\"" } ], "evaluatorComment": "Per: http://www.microsoft.com/technet/security/Bulletin/MS10-081.mspx\r\n\r\n\u0027This vulnerability cannot be exploited in the default Windows configuration. In order to be vulnerable to the issue, a third-party application that renders scalable vector graphics (SVG) must be installed on the system.\u0027", "id": "CVE-2010-2746", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-10-13T19:00:44.337", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1024549" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-081" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7272" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-081" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7272" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-02-10 16:00
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0036.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-2556 and CVE-2011-0036." }, { "lang": "es", "value": "Microsoft Internet Explorer 6, 7, y 8 no maneja adecuadamente objetos en memoria, lo que permite que atacantes remotos ejecuten c\u00f3digo de su elecci\u00f3n accediendo al objeto que (1) no fue actualizado adecuadamente o (2) es borrado, permitiendo una corrupci\u00f3n de memoria, tambi\u00e9n conocido como \"Uninitialized Memory Corruption Vulnerability,\" una vulnerabilidad diferente a CVE-2010-2556 y CVE-2011-0036." } ], "id": "CVE-2011-0035", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-02-10T16:00:13.487", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/70831" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100127294" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/46157" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025038" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0318" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-003" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64911" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12371" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/70831" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100127294" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46157" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12371" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-12-13 01:30
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_media_player | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "5044AB3C-7E2F-45F8-8392-7E99FC198787", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file." }, { "lang": "es", "value": "Desbordamiento del b\u00fafer de la memoria din\u00e1mica en el codec Intel Indeo41 para Windows Media Player en Microsoft Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un valor grande de tama\u00f1o en una grabaci\u00f3n de pel\u00edcula en un stream IV41 en un fichero multimedia, como se demuestra en un fichero AVI." } ], "id": "CVE-2009-4309", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-13T01:30:00.483", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37592" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023302" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/954157" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/955759" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/976138" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.microsoft.com/technet/security/advisory/954157.mspx" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/60855" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/508324/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/37251" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3440" }, { "source": "cve@mitre.org", "url": "http://zerodayinitiative.com/advisories/ZDI-09-089/" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54642" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54645" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37592" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023302" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/954157" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/955759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/976138" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.microsoft.com/technet/security/advisory/954157.mspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/60855" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/508324/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3440" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://zerodayinitiative.com/advisories/ZDI-09-089/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54645" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-07-21 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.
References
▼ | URL | Tags | |
---|---|---|---|
product-security@apple.com | http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html | Patch, Vendor Advisory | |
product-security@apple.com | http://support.apple.com/kb/HT4808 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4808 | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:cfnetwork:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E470F24-6F4A-4AB1-9D59-8DDAAA09A7F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACFDCD2B-162B-449B-B380-9A5A2CB2BFF5", "versionEndIncluding": "5.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*", "matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*", "matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*", "matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*", "matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B2451165-7831-426E-BA07-B3A57F3589C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BD80CA73-5612-4799-9084-09BAA7938F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1C670E9A-9EDE-45D6-A92D-8764FCF74D7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "17A3218C-F9D1-486C-A101-86B76BD70CCF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file." }, { "lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en CFNetwork en Apple Safari anterior a v5.0.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un fichero en texto plano manipulado" } ], "id": "CVE-2010-1420", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-07-21T23:55:01.647", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-11 19:30
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees." }, { "lang": "es", "value": "Vulnerabilidad de uso despues de liberacion en WebKit en Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n o causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) a trav\u00e9s de vectores relacionados con sub\u00e1rboles en documentos HTML" } ], "id": "CVE-2010-1761", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-06-11T19:30:20.333", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/40196" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://securitytracker.com/id?1024067" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4220" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4225" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7157" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/40196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1024067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7157" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-12-12 00:46
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A375A6D9-5DD3-4DD9-98AF-F513A4C86F88", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9:*:*:*:*:*:*:*", "matchCriteriaId": "0FD41070-7ED7-41D6-AF81-C038A8DB3C0D", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6DBB016-22A2-4B12-A1A4-DEE8ABF14B9B", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:x64:*:*:*:*:*", "matchCriteriaId": "87AA5126-90FF-40F5-8664-E8260C2C8CF5", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*", "matchCriteriaId": "61AAD264-CC98-4FB7-BDDD-6920D4AD1B5D", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_services:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3E3CAB6-D1AF-4B13-97E3-0E96D4F32F87", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en Windows Media Format Runtime versiones 7.1, 9, 9.5, 9.5 x64 Edition, versi\u00f3n 11, y Windows Media Services versi\u00f3n 9.1 para Microsoft Windows 2000, XP, Server 2003 y Vista, permite a atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de un archivo Advanced Systems Format (ASF) creado." } ], "id": "CVE-2007-0064", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-12-12T00:46:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28034" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/319385" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26776" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019074" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/4183" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-068" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/319385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/4183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3622" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-12-16 19:33
Modified
2025-04-11 00:51
Severity ?
Summary
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k PFE Pointer Double Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted application, aka \"Win32k PFE Pointer Double Free Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de doble liberaci\u00f3n en win32k.sys en los controladores del kernel-mode en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, y R2, y Windows 7 permite a usuarios locales aumentar sus privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada. Tambi\u00e9n se conoce como \"Vulnerabilidad de Doble Liberaci\u00f3n de Puntero Win32k PFE\"." } ], "id": "CVE-2010-3940", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-12-16T19:33:02.647", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1024880" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-098" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024880" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-098" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12194" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-08-25 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
drweb | web_security_space | 6.0.0.03100 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:drweb:web_security_space:6.0.0.03100:-:professional:*:*:*:*:*", "matchCriteriaId": "1309AD49-5C84-4EC2-8EB4-5CEBD707E66A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute" }, { "lang": "es", "value": "** EN DISPUTA ** Condici\u00f3n de Carrera en Dr.Web Security Space Pro v6.0.0.03100 para Windows XP permite a usuarios locales eludir los manejadores de hooks a nivel de kernel, y ejecutar c\u00f3digo peligroso que de otra manera ser\u00eda bloqueada por el manejador y no por una detecci\u00f3n basada en firma de malware. Esto se consigue a trav\u00e9s de ciertos cambios en la memoria de espacio de usuario durante la ejecuci\u00f3n del manejador de hooks. Se trata de un problema tambi\u00e9n conocido como un ataque argument-switch o un ataque KHOBE. NOTA: este problema es discutido por algunos, ya que es un defecto en un mecanismo de protecci\u00f3n para situaciones en las que un programa hecho a mano ya ha comenzado a ejecutarse." } ], "id": "CVE-2010-5159", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2012-08-25T21:55:02.757", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" }, { "source": "cve@mitre.org", "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" }, { "source": "cve@mitre.org", "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "cve@mitre.org", "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "cve@mitre.org", "url": "http://www.f-secure.com/weblog/archives/00001949.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/67660" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/39924" }, { "source": "cve@mitre.org", "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.f-secure.com/weblog/archives/00001949.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/67660" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/39924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2013-03-13 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "matchCriteriaId": "D5808661-A082-4CBE-808C-B253972487B4", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*", "matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*", "matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer onBeforeCopy Use After Free Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en Microsoft Internet Explorer 6 a la 10, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un sitio web dise\u00f1ado que desencadena el acceso a un objeto eliminado, tambi\u00e9n conocido como \"Internet Explorer onBeforeCopy uso despu\u00e9s de liberaci\u00f3n\"." } ], "id": "CVE-2013-0093", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-03-13T00:55:01.370", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16239" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16239" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-09-08 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7DEC28F-EB69-4B28-AAE9-674DE2C994E7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6DBB016-22A2-4B12-A1A4-DEE8ABF14B9B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:x64:*:*:*:*:*", "matchCriteriaId": "87AA5126-90FF-40F5-8664-E8260C2C8CF5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*", "matchCriteriaId": "61AAD264-CC98-4FB7-BDDD-6920D4AD1B5D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_services:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3E3CAB6-D1AF-4B13-97E3-0E96D4F32F87", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_services:2008:*:*:*:*:*:*:*", "matchCriteriaId": "DB686D09-A33F-408E-9083-F988066FCE66", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:media_foundation_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "4773A9EC-E368-4198-8BDD-21B5DB296272", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*", "matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka \"Windows Media Header Parsing Invalid Free Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Windows Media Format Runtime v9.0, v9.5, y v11 y Windows Media Services v9.1 y 2008 no no analiza apropiadamente cabeceras malformadas en archivos Advanced Systems Format (ASF), lo que permite a los atacantes remotos ejecutar arbitrariamente c\u00f3digo a trav\u00e9s de archivo manipulado (1) .asf, (2) .wmv, o (3) .wma, tambi\u00e9n conocido como \"Vulnerabilidad libre invalidada de analizador de cabeceras en Windows Media\"" } ], "id": "CVE-2009-2498", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-09-08T22:30:00.407", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-047" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6257" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6257" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-12-09 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | sp4 | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | - | |
microsoft | windows_2003_server | - | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:sp4:*:*:*:*:*:*:*", "matchCriteriaId": "11AFB73A-1C61-40F1-8415-E4D40BB2699B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "C0D88E59-0DDC-4AE0-83B8-0C9DADAB2733", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "4D5F7729-A095-43DF-BF2F-B4B6938087FA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka \"Local Security Authority Subsystem Service Resource Exhaustion Vulnerability.\"" }, { "lang": "es", "value": "LSASS.exe en Local Security Authority Subsystem Service (LSASS) en Microsoft Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP2 permite a atacantes remotos autenticados provocar una denegaci\u00f3n de servicio (consumo de CPU) mediante una petici\u00f3n ISAKMP sobre IPsec malformada. Tambi\u00e9n conocido como \"Vulnerabilidad de consumo de recuersos Local Security Authority Subsystem Service\"." } ], "id": "CVE-2009-3675", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-12-09T18:30:00.500", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-342A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-069" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-342A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6639" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-05-24 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_7 | - | |
microsoft | windows_7 | - | |
microsoft | windows_8 | - | |
microsoft | windows_8 | - | |
microsoft | windows_rt | - | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_server_2012 | - | |
microsoft | windows_vista | - | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*", "matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*", "matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain." }, { "lang": "es", "value": "La funci\u00f3n EPATHOBJ::bFlatten en win32k.sys en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, y Windows RT, no comprueba si lista vinculada accede continuamente al mismo miembro de la lista, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (recorrido infinito) a trav\u00e9s de vectores que provocan una cadena PATHRECORD manipulada." } ], "id": "CVE-2013-3661", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-05-24T20:55:01.940", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0094.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0006.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/53435" }, { "source": "cve@mitre.org", "url": "http://twitter.com/taviso/statuses/335557286657400832" }, { "source": "cve@mitre.org", "url": "http://www.computerworld.com/s/article/9239477" }, { "source": "cve@mitre.org", "url": "http://www.exploit-db.com/exploits/25611/" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/93539" }, { "source": "cve@mitre.org", "url": "http://www.reddit.com/r/netsec/comments/1eqh66/0day_windows_kernel_epathobj_vulnerability/" }, { "source": "cve@mitre.org", "url": "http://www.theverge.com/2013/5/23/4358400/google-engineer-bashes-microsoft-discloses-windows-flaw" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0094.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/53435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://twitter.com/taviso/statuses/335557286657400832" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.computerworld.com/s/article/9239477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.exploit-db.com/exploits/25611/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/93539" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.reddit.com/r/netsec/comments/1eqh66/0day_windows_kernel_epathobj_vulnerability/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.theverge.com/2013/5/23/4358400/google-engineer-bashes-microsoft-discloses-windows-flaw" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-06-13 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | 64-bit | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_nt | 4.0 | |
microsoft | windows_nt | 4.0 | |
microsoft | windows_nt | 4.0 | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*", "matchCriteriaId": "330B6798-5380-44AD-9B52-DF5955FA832C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "D2CA1674-A8A0-479A-9D80-344D3C563A24", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue." } ], "id": "CVE-2005-1935", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-06-13T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.phreedom.org/solar/exploits/msasn1-bitstring/" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.phreedom.org/solar/exploits/msasn1-bitstring/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20870" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-10-12 02:52
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."
References
▼ | URL | Tags | |
---|---|---|---|
secure@microsoft.com | http://www.securityfocus.com/bid/49966 | Third Party Advisory, VDB Entry | |
secure@microsoft.com | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 | Patch, Vendor Advisory | |
secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12223 | Tool Signature | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/49966 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12223 | Tool Signature |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka \"Virtual Function Table Corruption Remote Code Execution Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un intento de acceso a una tabla de una funci\u00f3n virtual despu\u00e9s de que la corrupci\u00f3n de esta tabla se haya producido. Tambi\u00e9n conocida como \"vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por corrupci\u00f3n de la Tabla de Funci\u00f3n Virtual\"." } ], "id": "CVE-2011-2001", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-10-12T02:52:43.800", "references": [ { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/49966" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081" }, { "source": "secure@microsoft.com", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/49966" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12223" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-11-14 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application, aka \"Win32k Use After Free Vulnerability.\"" }, { "lang": "es", "value": "Una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en win32k.sys en los controladores en modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 y R2 SP1 y Windows 7 SP1 y Gold permite a los usuarios locales conseguir privilegios a trav\u00e9s de una aplicaci\u00f3n hecha a mano. Se trata de un problema tambi\u00e9n conocido como \"Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de Win32k\".\r\n" } ], "id": "CVE-2012-2530", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-11-14T00:55:01.497", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/51239" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1027750" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-318A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-075" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/51239" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1027750" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-318A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15936" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-04-13 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka \"GDI+ Integer Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de enteros en gdiplus.dll en GDI+ en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold y SP2, y Office XP SP3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una imagen EMF manipulada, tambi\u00e9n conocido como \"GDI+ Integer Overflow Vulnerability.\"" } ], "id": "CVE-2011-0041", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-04-13T18:55:01.017", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-029" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11854" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11854" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-06-12 02:32
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows-nt | xp | |
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | directx | 9.0 | |
microsoft | windows_2000 | * | |
microsoft | directx | 7.0 | |
microsoft | directx | 8.1 | |
microsoft | windows-nt | 2008 | |
microsoft | windows-nt | 2008 | |
microsoft | windows-nt | 2008 | |
microsoft | windows_vista | * | |
microsoft | directx | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "972ADDBC-5D6E-48D5-9DB7-44FE0539807D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "2936E9C2-65E6-4D26-A277-FF2AE13A3FEC", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BFE77B9-6C2A-45D3-A4B5-2679CC4B0DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "8FF0278F-AFA7-48BA-8762-5569EC174AEE", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:itanium:*:*:*:*:*", "matchCriteriaId": "59F8A83B-899C-47CE-B444-E8B4AC7723C7", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:x32:*:*:*:*:*", "matchCriteriaId": "7AF8B188-A5E0-4D53-9FE1-C72BD956191B", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:x64:*:*:*:*:*", "matchCriteriaId": "2B89E436-C99E-4F68-AADD-E5980B346E95", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:directx:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A53A6AC-74B0-4DB3-B94D-06FB969AE83C", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the \"MJPEG Decoder Vulnerability.\"" }, { "lang": "es", "value": "Microsoft DirectX 8.1 a 9.0c, y DirectX en Microsoft XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 no realiza adecuadamente la comprobaci\u00f3n de errores MJPEG lo cual podr\u00eda permitir a usuarios remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una cadena de datos MJPEG manipulada en un archivo (1) AVI o (2) ASF, tambi\u00e9n conocida como la \"Vulnerabilidad del decodificador MJPEG\"" } ], "id": "CVE-2008-0011", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-06-12T02:32:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/30579" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1020222" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29581" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2008/1780" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-033" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/30579" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1020222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2008/1780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5236" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-06-30 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK." }, { "lang": "es", "value": "La funcionalidad de soporte de GPU en Windows XP no restringe adecuadamente el tiempo de renderizaci\u00f3n, esto permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de vectores que involucren a WebGL y (1) programas shader o (2) compleja geometr\u00eda 3D; como se ha demostrado al utilizar Mozilla Firefox o Google Chrome para visitar la p\u00e1gina de pruebas lots-of-polys-example.html de Khronos WebGL SDK." } ], "id": "CVE-2011-2600", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-06-30T15:55:04.567", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.contextis.com/resources/blog/webgl/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.contextis.com/resources/blog/webgl/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-03-03 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "matchCriteriaId": "E40F7857-8F3F-4707-B3AA-A12C0731BB83", "versionEndIncluding": "10.1.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C4B6A66A-AC5F-48E0-ABCE-68828207B106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "071BFB1F-402B-4D8C-8155-671792AEDB81", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B48FDD0A-6DE5-44DD-B144-32B91DB26C7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "52A433A5-3EFF-405D-8285-97EC88857968", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "129ABCA4-FBF6-41B8-BF6B-65467D56D297", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "11F1530E-9E63-4A39-9056-3A946A34B650", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "29E92D8D-68AB-4FC4-A37A-D6D48829B58D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F8961EDA-B567-4D92-8DBC-F887712F3BD2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "A60A3349-DE6E-4381-81C0-E682B791ED61", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6EF2759C-6F94-4769-8EB2-16947C05CBB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B0F53FF4-8A15-475C-9FF6-54073A3F1B08", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "80AFD7E5-A66F-4E43-BC34-EB6BF59186D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1." }, { "lang": "es", "value": "WebKit, tal como se utiliza en el iTunes de Apple antes de v10.2 para Windows, permite a los atacantes \"man-in-the-middle\" ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de la aplicaci\u00f3n)a trav\u00e9s de vectores relacionados con la navegaci\u00f3n de la tienda iTunes, una vulnerabilidad diferente a los CVE listados en APPLE-SA-2011-03-02-1." } ], "id": "CVE-2011-0150", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-03-03T20:00:02.333", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4554" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4564" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4566" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17339" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4564" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4566" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17339" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-02-13 12:04
Modified
2025-04-11 00:51
Severity ?
Summary
Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a media file, (2) a media stream, or (3) a Microsoft Office document, aka "Media Decompression Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a media file, (2) a media stream, or (3) a Microsoft Office document, aka \"Media Decompression Vulnerability.\"" }, { "lang": "es", "value": "Quartz.dll en DirectShow en Microsoft Windows XP SP2 y SP3, Server 2003 SP2, Vista SP2, y Server 2008 SP2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1) un archivo multimedia, (2) streaming multimedia, o (3) un documento de Microsoft Office , tambi\u00e9n conocida como \"Media Decompression Vulnerability.\"" } ], "id": "CVE-2013-0077", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-02-13T12:04:12.417", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-011" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15873" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-12-10 14:00
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "8D91FC0B-92FA-4182-9B87-A462850BD510", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*", "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "8D91FC0B-92FA-4182-9B87-A462850BD510", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*", "matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*", "matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*", "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka \"Uninitialized Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 7 en ocasiones intenta acceder a objetos que han sido eliminados; esto permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento HTML manipulado que provoca una corrupci\u00f3n de memoria. Tambi\u00e9n se conoce como \"Vulnerabilidad de Corrupci\u00f3n de Memoria que No ha sido Iniciada\"." } ], "id": "CVE-2008-4260", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-12-10T14:00:01.050", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021371" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-344A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/3385" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-073" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5903" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021371" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-344A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/3385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5903" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-02-13 12:04
Modified
2025-04-11 00:51
Severity ?
Summary
Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1278.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*", "matchCriteriaId": "A2C3594F-7C2C-4E2D-9BC5-F4F89B7BF4D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*", "matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka \"Kernel Race Condition Vulnerability,\" a different vulnerability than CVE-2013-1278." }, { "lang": "es", "value": "Condici\u00f3n de carrera en el kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, Windows 8, Windows Server 2012, y Windows RT permite a usuarios locales elevar sus privilegios a trav\u00e9s de una aplicaci\u00f3n modificada que aprovecha el manejo inadecuado de objetos en memoria, tambi\u00e9n conocido como \"Vulnerabilidad de condici\u00f3n de carrera en el Kernel\" una vulnerabilidad diferente a CVE-2013-1278." } ], "id": "CVE-2013-1279", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-02-13T12:04:13.963", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-017" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16458" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-017" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16458" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-09-11 01:10
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_media_player | 11 | |
microsoft | windows-nt | 2008 | |
microsoft | windows-nt | 2008 | |
microsoft | windows-nt | xp | |
microsoft | windows-nt | xp | |
microsoft | windows-nt | xp | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*", "matchCriteriaId": "B27BB8B0-BC24-4A3F-A18B-63D57AB4799B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:*:*:*:*:*:*", "matchCriteriaId": "ABC3CA16-2694-4C05-A404-029DB179C47D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:*:*:*:*:x64:*", "matchCriteriaId": "70865C35-CABD-4731-8043-BF358E0EFC7F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:gold:*:x64:*", "matchCriteriaId": "5DF33FF8-899B-40B2-AF84-E37D8CC6B422", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp2:*:*:pro:*:x64:*", "matchCriteriaId": "97A263BB-2103-4047-A8AB-1AB46EC73120", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka \"Windows Media Player Sampling Rate Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad sin especificar en Microsoft Windows Media Player 11, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo \"audio-only\" manipulado cuyo origen del flujo es un Server-Side Playlist (SSPL) sobre Windows Media Server, tambi\u00e9n conocida como \"Vulnerabilidad Windows Media Player Sampling Rate.\"" } ], "evaluatorComment": "http://www.microsoft.com/technet/security/Bulletin/MS08-054.mspx\r\n\r\n\r\nSecurity updates are available from Microsoft Update, Windows Update, and Office Update. Security updates are also available from the Microsoft Download Center. You can find them most easily by doing a keyword search for \"security update.\r\n\r\n*Windows Server 2008 server core installation not affected. The vulnerability addressed by this update does not affect supported editions of Windows Server 2008 if Windows Server 2008 was installed using the Server Core installation option, even though the files affected by this vulnerability may be present on the system. However, users with the affected files will still be offered this update because the update files are newer (with higher version numbers) than the files that are currently on your system. For more information on this installation option, see Server Core. Note that the Server Core installation option does not apply to certain editions of Windows Server 2008; see Compare Server Core Installation Options.", "id": "CVE-2008-2253", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-09-11T01:10:13.540", "references": [ { "source": "secure@microsoft.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=766863#PRODUCTS" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/30550" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020831" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2522" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-054" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5615" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=766863#PRODUCTS" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/30550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020831" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5615" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" }, { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-03-02 21:18
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted frame, which triggers a NULL pointer dereference. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | - | |
microsoft | internet_explorer | 6.0 | |
microsoft | internet_explorer | 6.0 | |
microsoft | internet_explorer | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "587026A7-5480-4B30-8E73-6A9BB31FBCAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "1A4B3552-95CE-41AC-83C1-BF93558329D3", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted frame, which triggers a NULL pointer dereference. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected." }, { "lang": "es", "value": "Microsoft Internet Explorer versi\u00f3n 6 en Windows XP SP2, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) mediante la creaci\u00f3n de un objeto dentro de un iframe, eliminando el marco estableciendo su location.href en about:blank, luego accediendo a una propiedad del objeto dentro del marco eliminado, que desencadena una desreferencia del puntero NULL. NOTA: m\u00e1s tarde se report\u00f3 que la versi\u00f3n 7.0.6000.16473 y anteriores tambi\u00e9n est\u00e1n afectadas." } ], "id": "CVE-2006-7066", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-03-02T21:18:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2009-07/0193.html" }, { "source": "cve@mitre.org", "tags": [ "Permissions Required" ], "url": "http://blogs.securiteam.com/index.php/archives/554" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://browserfun.blogspot.com/2006/07/mobb-30-orphan-object-properties.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://websecurity.com.ua/3130/" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/27533" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/19228" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2009-07/0193.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required" ], "url": "http://blogs.securiteam.com/index.php/archives/554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://browserfun.blogspot.com/2006/07/mobb-30-orphan-object-properties.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://websecurity.com.ua/3130/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/27533" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/19228" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28068" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-09-15 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP SP2 and SP3 and Windows Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) in Windows Vista SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote authenticated users to execute arbitrary code via malformed LDAP messages, aka "LSASS Heap Overflow Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_7 | - | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP SP2 and SP3 and Windows Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) in Windows Vista SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote authenticated users to execute arbitrary code via malformed LDAP messages, aka \"LSASS Heap Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en el servicio Local Security Authority Subsystem (LSASS), como el usado en Active Directory de Microsoft Windows Server 2003 SP2 y Windows Server 2008 Gold, SP2, y R2; Active Directory Application Mode (ADAM) de Windows XP SP2 y SP3 y Windows Server 2003 SP2; y Active Directory Lightweight Directory Service (AD LDS) de Windows Vista SP2, Windows Server 2008 Gold, SP2, y R2, y Windows 7, permite a los usuarios remotos autenticados ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de mensajes LDAP malformados, tambi\u00e9n conocido como \"LSASS Heap Overflow Vulnerability\"." } ], "id": "CVE-2010-0820", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2010-09-15T19:00:18.667", "references": [ { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-068" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7120" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7120" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2010-11-22 13:00
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C9E1949-86E4-4011-9376-51C9E7E683E5", "versionEndIncluding": "5.0.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "831C5105-6409-4743-8FB5-A91D8956202F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "A1C9705A-74D4-43BA-A119-C667678F9A15", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "2011BBA0-5CE6-4215-8F6E-4BCCBCD24153", "versionEndIncluding": "4.1.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*", "matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*", "matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*", "matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*", "matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site." }, { "lang": "es", "value": "WebKit en Apple Safari anterior a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anterior a v4.1.3 en Mac OS X v10.4, no realiza correctamente la conversi\u00f3n de una variable si especificar durante el procesado de comandos de edici\u00f3n, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado" } ], "id": "CVE-2010-3808", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-11-22T13:00:18.317", "references": [ { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/42314" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4455" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4456" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63349" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4455" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12160" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-11 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involving a (1) %2f and .. (dot dot) or (2) %5c and .. (dot dot) in a URL.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involving a (1) %2f and .. (dot dot) or (2) %5c and .. (dot dot) in a URL." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de salto de directorio en el (a) Almacenamiento local y (b) la implementaci\u00f3n web de la base de datos SQL en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos crear a su elecci\u00f3n archivos de bases de datos a trav\u00e9s de vectores a\u00f1adiendo un (1) %2f y .. (punto punto) o (2) %5c y .. (punto punto) en la URL." } ], "id": "CVE-2010-1391", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-06-11T18:00:21.067", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://securitytracker.com/id?1024067" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4225" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/40753" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7082" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1024067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/40753" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7082" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-10-28 02:49
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "matchCriteriaId": "620FF862-140C-4A0A-BB70-E59E590CB4FF", "versionEndIncluding": "7.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F71BC599-FCBE-4F1F-AA24-41AF91F82226", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "41473E1D-B988-4312-B16B-D340508DD473", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCC2EBC0-F2A6-4709-9A27-CF63BC578744", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "844E1B14-A13A-47F1-9C82-02EAEED1A911", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "80747BDD-70E9-4E74-896F-C79D014F1B2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A4C6772-CD24-46FD-AEBE-BF8BB16B5BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "85ADED98-62C6-4961-894C-1D26E3B3EE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F522CEA4-B3BB-4C94-B070-6679EEA43439", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA1E140B-BCB4-4B3C-B287-E9E944E08DB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B630944-F838-4C02-90D4-F5EB2A073CA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9066C81B-A69F-450D-8606-5E29AF1AD286", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "71285AD2-3966-4817-B630-8335BE985D56", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2458480E-F222-452A-AB21-933F924F8F6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "30C83A78-6BB9-443E-B508-CC6F8D157A6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "61463F4F-BBE0-42AA-AC22-8F39E94EB520", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2CE0B67-0794-472D-A2C0-CC5CA0E36370", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F43E39C4-6A08-4C38-BC7D-573F40978527", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC0E0EA8-2947-44F9-BCFA-F4CFA34E9EFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "98C9B657-5484-4458-861E-D6FB5019265A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B84D320E-ACA2-4B6E-B682-00202B9ADF2F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "81E0F160-4B70-45CD-B8AC-AB30ADDB8D2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "1EF20D38-BFA3-4403-AB24-7B74EFD68229", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "97FEBA83-C845-4334-9B9A-921BA0F44DE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2CE2A89-B2FC-413D-A059-526E6DE301BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*", "matchCriteriaId": "7F9F7DCE-EE65-4CD5-AA21-208B2AAF09EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "31662D02-7FA9-4FAD-BE49-194B7295CEE1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0C835F2-4F9E-45A6-8112-C2D8CB1A39AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8461AF0A-D4D3-4010-A881-EDBB95003083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "5C8E5C77-573F-4EA3-A59C-4A7B11946E93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C6E08BF-737E-4512-9BB8-5B4B03A2F8B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "D22D0674-0EC7-4176-97FB-940F2F7D6AFC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A6470EC-B72B-404C-9E69-03C3FEFD56F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA3FB6BA-D0FA-4DC3-8A4D-453C2EE51D09", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "58F5F530-033D-49D8-ABD5-F4285DA7DA40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A0A9EC6-9531-4024-8325-DD9318653AE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "CDDB11E0-3853-4C93-AC64-599A1A3606CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "6C2A95FA-0C02-45AD-B9C0-AB6310DAD5B2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "CCD69789-11BA-410F-ABEB-0D34CBF817E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "506422A5-F1E6-4D07-B947-4E265AC16ABD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en Apple QuickTime anterior a v7.7.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo de pel\u00edcula creado con la codificaci\u00f3n de FLC." } ], "id": "CVE-2011-3249", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-10-28T02:49:53.023", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT5016" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5130" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16130" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT5016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5130" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16130" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-02-13 12:04
Modified
2025-04-11 00:51
Severity ?
Summary
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*", "matchCriteriaId": "A2C3594F-7C2C-4E2D-9BC5-F4F89B7BF4D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*", "matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016." }, { "lang": "es", "value": "Condici\u00f3n de carrera en win32k.sys en los controladores en modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2 y R2 SP1 y Windows 7 Gold y SP1 permite a usuarios locales obtener privilegios y, en consecuencia leer el contenido de ubicaciones arbitrarias de memoria del n\u00facleo, a trav\u00e9s de una aplicaci\u00f3n hecha a mano, una vulnerabilidad diferente a CVE enumerados en MS13-016." } ], "id": "CVE-2013-1277", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-02-13T12:04:13.883", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-016" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16256" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16256" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-06-29 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product than CVE-2007-3400.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * | |
microsoft | internet_explorer | 7.0 | |
nctsoft_products | nctaudiostudio | 2.7 | |
nctsoft_products | nctwavchunkseditor2.dll | 2.6.1.148 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:nctsoft_products:nctaudiostudio:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "E48CA6AF-8ABB-4919-A7A3-7481DE537F31", "vulnerable": true }, { "criteria": "cpe:2.3:a:nctsoft_products:nctwavchunkseditor2.dll:2.6.1.148:*:*:*:*:*:*:*", "matchCriteriaId": "279DAB45-5563-4B84-83B9-C92C76ACC719", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product than CVE-2007-3400." }, { "lang": "es", "value": "Cierto control ActiveX en NCTWavChunksEditor2.dll 2.6.1.148 de NCTAudioStudio (NCTAudioStudio2) 2.7, como el utilizado por Sienzo DMM y probablemente otros productos, permite a atacantes remotos crear y sobrescribir ficheros de su elecci\u00f3n mediante nombre de ruta completo en el argumento al m\u00e9todo CreateFile, un vector diferente de CVE-2007-3400." } ], "id": "CVE-2007-3493", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-06-29T18:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://osvdb.org/37673" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/25851" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24656" }, { "source": "cve@mitre.org", "url": "http://www.shinnai.altervista.org/exploits/ntcwavchunkstxt.html" }, { "source": "cve@mitre.org", "url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1182845325.ff.php\u0026page=last" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2351" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35081" }, { "source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/4109" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37673" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/25851" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24656" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.shinnai.altervista.org/exploits/ntcwavchunkstxt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1182845325.ff.php\u0026page=last" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2351" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35081" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/4109" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-04-13 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other \"Vulnerability Type 1\" CVEs listed in MS11-034, aka \"Win32k Use After Free Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en win32k.sys en los controladores de modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, Service Pack 2, R2 y R2 SP1, y Windows 7 Gold y SP1 permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n que genera una desreferencia a un puntero nulo. Se trata de una vulnerabilidad diferente a otros CVEs de vulnerabilidades \"de tipo 1\" listados en MS11-034, tambi\u00e9n conocida como la \"vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n win32k.\"\r\n" } ], "id": "CVE-2011-0662", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-04-13T18:55:01.487", "references": [ { "source": "secure@microsoft.com", "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx" }, { "source": "secure@microsoft.com", "url": "http://osvdb.org/71740" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/44156" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100133352" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/47194" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025345" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2011/0952" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66395" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12543" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/71740" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/44156" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100133352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/47194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025345" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0952" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66395" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12543" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "8208AFC9-0EFC-4A90-AD5A-FD94F5542885", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D4168AE-D19E-482E-8F2B-3E798B2D84E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "B5E149E7-B748-44F6-BB55-68D5BF87AF41", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*", "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*", "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*", "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*", "matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*", "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*", "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*", "matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*", "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*", "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*", "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*", "matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*", "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*", "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*", "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*", "matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*", "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*", "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*", "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*", "matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*", "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*", "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*", "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*", "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*", "matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference." }, { "lang": "es", "value": "La pila DCE-RPC en Windows 2000 y otros sistemas operativos permite a atacantes remotos causar una denegaci\u00f3n de servicio (desactivar el servico RCP) mediante un paquete malformado al puerto TCP 135, que dispara una desreferencia a un puntero nulo." } ], "id": "CVE-2002-1561", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-04-02T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/261537" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/296114/2002-10-14/2002-10-20/0" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/6005" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-010" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A59" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/261537" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/296114/2002-10-14/2002-10-20/0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/6005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A59" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-04-10 21:19
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el servicio Universal Plug and Play (UPnP) en Microsoft Windows XP SP2 permite a los atacantes remotos en el misma subred ejecutar c\u00f3digo arbitrario por medio de encabezados HTTP creados en la petici\u00f3n o mensajes notificados, lo que desencadena corrupci\u00f3n de la memoria." } ], "id": "CVE-2007-1204", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.2, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-04-10T21:19:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=509" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24822" }, { "source": "secure@microsoft.com", "url": "http://www.osvdb.org/34010" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/23371" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1017895" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/1323" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-019" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/34010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23371" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017895" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/1323" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2049" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-11-16 07:42
Modified
2025-04-03 01:03
Severity ?
Summary
By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | ibm_oem_version | |
microsoft | windows_xp | ibm_oem_version |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:ibm_oem_version:*:*:*:*:*:*:*", "matchCriteriaId": "D96ADB2B-8EF4-4EBD-A007-E3CC7223608B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:ibm_oem_version:sp1:*:*:*:*:*:*", "matchCriteriaId": "1F928472-8B88-49CF-8F92-502A98FB71DE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer." } ], "id": "CVE-2005-3595", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-11-16T07:42:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=113147602208113\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.microsoft.com/windowsxp/using/setup/getstarted/installqa.mspx" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/375335" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/11199/" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17412" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=113147602208113\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.microsoft.com/windowsxp/using/setup/getstarted/installqa.mspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/375335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/11199/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17412" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-09-08 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7DEC28F-EB69-4B28-AAE9-674DE2C994E7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6DBB016-22A2-4B12-A1A4-DEE8ABF14B9B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:x64:*:*:*:*:*", "matchCriteriaId": "87AA5126-90FF-40F5-8664-E8260C2C8CF5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*", "matchCriteriaId": "61AAD264-CC98-4FB7-BDDD-6920D4AD1B5D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_services:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3E3CAB6-D1AF-4B13-97E3-0E96D4F32F87", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_services:2008:*:*:*:*:*:*:*", "matchCriteriaId": "DB686D09-A33F-408E-9083-F988066FCE66", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_foundation:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BBC8864-560B-480A-903B-19215000C69D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*", "matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka \"Windows Media Playback Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Windows Media Format Runtime v9.0, v9.5, y v11; y Microsoft Media Foundation en Windows Vista Gold, SP1, y SP2 y Server 2008; permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n en un fichero MP3 con metadatos manipulados que desembocan en un error de memoria, tambi\u00e9n llamado \"Vulnerabilidad de error de memoria Windows Media Playback.\"" } ], "id": "CVE-2009-2499", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-09-08T22:30:00.437", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-047" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5531" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5531" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-01-12 01:00
Modified
2025-04-11 00:51
Severity ?
Summary
Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka "DSN Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*", "matchCriteriaId": "036C836C-6387-4DAC-96B2-94C979D236E8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:data_access_components:2.8:sp2:*:*:*:*:*:*", "matchCriteriaId": "6182A820-5DF9-4ABF-9E5A-DC9EE8F98E37", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_data_access_components:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E3248539-0206-414E-9EAB-2DE8FFF5A52C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka \"DSN Overflow Vulnerability.\"" }, { "lang": "es", "value": "Error en la propiedad signedness de enteros en la funci\u00f3n SQLConnectW en una API de ODBC (odbc32.dll) en Microsoft Data Access Components (MDAC) versi\u00f3n 2.8 SP1 y SP2, y Windows Data Access Components (WDAC) versi\u00f3n 6.0, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una cadena larga en el Nombre de Origen de Datos (DSN) y un argumento szDSN creado, que omite una comparaci\u00f3n firmada y conduce a un desbordamiento del b\u00fafer, tambi\u00e9n se conoce como \"DSN Overflow Vulnerability\"." } ], "id": "CVE-2011-0026", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-01-12T01:00:01.807", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/70443" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/42804" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100124846" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/45695" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1024947" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-011A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2011/0075" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-001/" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12333" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/70443" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42804" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100124846" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/45695" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024947" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-011A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0075" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-001/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12333" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-05-08 23:19
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | internet_explorer | 5.01 | |
microsoft | windows_2000 | * | |
microsoft | internet_explorer | 6 | |
microsoft | windows_xp | * | |
microsoft | internet_explorer | 6.0 | |
microsoft | internet_explorer | 7.0 | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_2003_server | sp2 | |
microsoft | internet_explorer | 6.0 | |
microsoft | internet_explorer | 7.0 | |
microsoft | windows_vista | * | |
microsoft | internet_explorer | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*", "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the \"Arbitrary File Rewrite Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad no especificada en el objeto COM mdsauth.dll de Microsoft Windows Media Server en Microsoft Internet Explorer 5.01 SP4 de Windows 2000 SP4; 6 SP1 de Windows 2000 SP4; 6 y 7 de Windows XP SP2, \u00f3 Windows Server 2003 SP1 \u00f3 SP2; \u00f3 7 en Windows Vista permite a atacantes remotos sobre-escribir ficheros de su elecci\u00f3n mediante vectores no especificado, tambi\u00e9n conocido como \"Vulnerabilidad de Sobre-Escritura de Ficheros De Su Elecci\u00f3n\"." } ], "id": "CVE-2007-2221", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-05-08T23:19:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/23769" }, { "source": "secure@microsoft.com", "url": "http://www.fortiguardcenter.com/advisory/FGA-2007-07.html" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/500753" }, { "source": "secure@microsoft.com", "url": "http://www.osvdb.org/34404" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/23827" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1018019" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2007/1712" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33355" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1885" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23769" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguardcenter.com/advisory/FGA-2007-07.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/500753" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/34404" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33355" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1885" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-03-13 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "matchCriteriaId": "D5808661-A082-4CBE-808C-B253972487B4", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*", "matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*", "matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CCaret Use After Free Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en Microsoft Internet Explorer 6 a la 10, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un sitio web dise\u00f1ado que desencadena el acceso a un objeto eliminado, tambi\u00e9n conocido como \"Internet Explorer CCaret, vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n\"." } ], "id": "CVE-2013-0090", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2013-03-13T00:55:01.310", "references": [ { "source": "secure@microsoft.com", "url": "http://blog.skylined.nl/20161216001.html" }, { "source": "secure@microsoft.com", "url": "http://packetstormsecurity.com/files/140186/Microsoft-Internet-Explorer-9-IEFRAME-CView-EnsureSize-Use-After-Free.html" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16049" }, { "source": "secure@microsoft.com", "url": "https://www.exploit-db.com/exploits/40935/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blog.skylined.nl/20161216001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/140186/Microsoft-Internet-Explorer-9-IEFRAME-CView-EnsureSize-Use-After-Free.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/40935/" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | frontpage_server_extensions | 2000 | |
microsoft | frontpage_server_extensions | 2002 | |
microsoft | sharepoint_team_services | 2002 | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:frontpage_server_extensions:2000:*:*:*:*:*:*:*", "matchCriteriaId": "30681E33-8D2B-46A6-ABFE-490B2F686304", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:frontpage_server_extensions:2002:*:*:*:*:*:*:*", "matchCriteriaId": "E7E274F0-F1B8-4C3D-961B-80B92830ABF9", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_team_services:2002:*:*:*:*:*:*:*", "matchCriteriaId": "A6CDD8EA-6504-49AB-AEDF-B4826A738339", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request." }, { "lang": "es", "value": "Vulnerabilidad desconocida en el int\u00e9rprete SmartHTML interpreter (shtml.dll) en Microsoft FrontPage Server Extensions 2000 y 2002, y Microsoft SharePoint Team Services 2002, permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de respuesta) mediante una cierta petici\u00f3n." } ], "id": "CVE-2003-0824", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10195" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/179012" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13680" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A308" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A591" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A606" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A625" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A762" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10195" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/179012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13680" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A591" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A606" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A625" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A762" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-03-29 19:30
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to have an unspecified impact via a certain XML document that references a crafted web site in the SRC attribute of an image element, related to a "0day Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | internet_explorer | 7.0 | |
microsoft | windows_2003_server | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to have an unspecified impact via a certain XML document that references a crafted web site in the SRC attribute of an image element, related to a \"0day Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v7.0 en Windows XP y Windows Server 2003 permite a atacantes remotos tener un impacto sin especificar a trav\u00e9s de ciertos documentos XML que hacen referencia a sitios web modificados en el atributo SRC de un elemento image. Relacionado con una \"0day Vulnerability\" (vulnerabilidad sin parchear)." } ], "id": "CVE-2010-1175", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-03-29T19:30:00.377", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/510280/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/510280/100/0/threaded" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-09-08 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka "TCP/IP Orphaned Connections Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*", "matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional:*:*:*:*:*", "matchCriteriaId": "C29F02ED-85FC-4D22-A6DE-5F9C77ECCD70", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka \"TCP/IP Orphaned Connections Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1 y SP2, y Server 2008 Gold y SP2 permiten a los atacantes remotos provocar una denegaci\u00f3n de servicio (interrupci\u00f3n de TCP) por medio de una serie de sesiones TCP que tienen datos pendientes y un tama\u00f1o de ventana de recepci\u00f3n (1) peque\u00f1a o (2) cero y permanecen en el estado FIN-WAIT-1 o FIN-WAIT-2 indefinidamente, tambi\u00e9n se conoce como \"TCP/IP Orphaned Connections Vulnerability\"." } ], "id": "CVE-2009-1926", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-09-08T22:30:00.390", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/57797" }, { "source": "secure@microsoft.com", "url": "http://www.recurity-labs.com/content/pub/Microsoft_Windows_CVE-2009-1926" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/506331/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/36269" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5965" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/57797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.recurity-labs.com/content/pub/Microsoft_Windows_CVE-2009-1926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/506331/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/36269" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5965" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-04-08 23:05
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is NtUserFnOUTSTRING in win32k.sys.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "972ADDBC-5D6E-48D5-9DB7-44FE0539807D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is NtUserFnOUTSTRING in win32k.sys." }, { "lang": "es", "value": "Una vulnerabilidad no especificada en el kernel de Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 y SP2, hasta Vista SP1 y Server 2008 permite a los usuarios locales ejecutar c\u00f3digo arbitrario por medio de vectores de ataque desconocidos relacionados con la comprobaci\u00f3n de entrada inapropiada. NOTA: m\u00e1s tarde se report\u00f3 que una funci\u00f3n afectada es NtUserFnOUTSTRING en el archivo win32k.sys." } ], "id": "CVE-2008-1084", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-04-08T23:05:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=120845064910729\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=120845064910729\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://milw0rm.com/sploits/2008-ms08-25-exploit.zip" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29720" }, { "source": "secure@microsoft.com", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/28554" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1019803" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-099A.html" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1149/references" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-025" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5437" }, { "source": "secure@microsoft.com", "url": "https://www.exploit-db.com/exploits/5518" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120845064910729\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120845064910729\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://milw0rm.com/sploits/2008-ms08-25-exploit.zip" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29720" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/28554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019803" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-099A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1149/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/5518" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-07-15 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation and a heap-based buffer overflow, aka "Embedded OpenType Font Heap Overflow Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_vista | - | |
microsoft | windows_vista | - | |
microsoft | windows_vista | - | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C9FE4961-58EE-4DB2-B712-790CC2FA7996", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation and a heap-based buffer overflow, aka \"Embedded OpenType Font Heap Overflow Vulnerability.\"" }, { "lang": "es", "value": "El Motor de Fuente de Embedded OpenType (EOT) (T2EMBED. DLL) en Microsoft Windows versiones 2000 SP4, XP SP2 y SP3, Server 2003 SP2, vista Gold, SP1 y SP2, y Server 2008 Gold y SP2, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una tabla de nombres creada en un registro de datos que desencadena un truncamiento de enteros y un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria, tambi\u00e9n se conoce como \"Embedded OpenType Font Heap Overflow Vulnerability\"" } ], "id": "CVE-2009-0231", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2009-07-15T15:30:01.233", "references": [ { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=811" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "http://osvdb.org/55842" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1022543" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1887" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-029" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://osvdb.org/55842" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1022543" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1887" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5457" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-681" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | enterprise | |
microsoft | windows_2003_server | enterprise_64-bit | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_2003_server | standard | |
microsoft | windows_2003_server | web | |
microsoft | windows_98 | * | |
microsoft | windows_98se | * | |
microsoft | windows_me | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*", "matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*", "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*", "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*", "matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*", "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an \"unchecked buffer\" in the library, possibly due to a buffer overflow." }, { "lang": "es", "value": "La biblioteca de objetos Hyperlink para Windows 98, 2000, XP y Server 2003 permite a los atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un enlace dise\u00f1ado que activa un \"buffer no controlado\" en la biblioteca, posiblemente debido a un desbordamiento del buffer." } ], "id": "CVE-2005-0057", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-05-02T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/14195" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1013119" }, { "source": "cve@mitre.org", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/820427" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/12479" }, { "source": "cve@mitre.org", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/14195" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1013119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/820427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/12479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-12-16 19:33
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka "Win32k Buffer Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka \"Win32k Buffer Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en win32k.sys en los controladores del modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, Service Pack 2, y R2 y Windows 7 permite a usuarios locales conseguir privilegios a trav\u00e9s de vectores relacionados con la asignaci\u00f3n de memoria incorrecta para las copias del modo usuario, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de b\u00fafer Win32k\"." } ], "id": "CVE-2010-3939", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-12-16T19:33:02.617", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1024880" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-098" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12252" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024880" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-348A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-098" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12252" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-01-22 22:00
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:*:*:*:*:*:*:*", "matchCriteriaId": "5F709B61-F64B-4E8F-80BB-4944485B6125", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730:unknown:gold:*:*:*:*:*", "matchCriteriaId": "817636ED-5E42-460E-89F1-24D5C64AB8BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*", "matchCriteriaId": "0E6E1020-1017-4670-9316-27C79F1E2698", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*", "matchCriteriaId": "37F63AE1-8FC9-4C0F-8D19-F17DFA214E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*", "matchCriteriaId": "35B1186A-FA5B-4E49-8C2F-BCD2D45F22A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*", "matchCriteriaId": "53D75496-8594-44DB-B5C4-EA3CABD6551A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*", "matchCriteriaId": "314538E8-48EC-4869-9074-2A1F5B7CBB3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*", "matchCriteriaId": "F56B3A72-7C5E-4F0C-BBC7-AA13DDFBEE70", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*", "matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*", "matchCriteriaId": "6876CE89-AA70-44C5-8A69-E2ED7A63F570", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*", "matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*", "matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*", "matchCriteriaId": "BCE2555F-C4BE-482F-8DD9-976D2026058C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*", "matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*", "matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*", "matchCriteriaId": "61F352FE-C22E-4B33-A46F-77A164B5DABB", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*", "matchCriteriaId": "5ACD5A44-0926-4A1B-9900-1E7CC0A561C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*", "matchCriteriaId": "196CEE37-2E3A-41A7-9AC1-0D5CC3F35D8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*", "matchCriteriaId": "3E16BEF4-71AA-4E23-B438-D25FFABDB646", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*", "matchCriteriaId": "1F32702E-F955-4DDB-B235-7C47E882453C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*", "matchCriteriaId": "6FA2B4AD-C04D-4A6B-8570-5A2F5489F750", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2009-2530 and CVE-2009-2531." }, { "lang": "es", "value": "Microsoft Internet Explorer 6, 6 SP1, 7 y 8 no maneja de manera apropiada los objetos en memoria lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n accediendo a un objeto que (1) no fue correctamente iniciado o (2) es borrado, lo que conduce a una corrupci\u00f3n de memoria, tambi\u00e9n conocida como \"Vulnerabilidad de Corrupci\u00f3n de Memoria no Iniciada\", una vulnerabilidad diferente a CVE-2009-2530 and CVE-2009-2531." } ], "id": "CVE-2010-0244", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-01-22T22:00:00.460", "references": [ { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55774" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55774" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8186" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-08-27 20:41
Modified
2025-04-09 00:30
Severity ?
Summary
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "<~/" (less-than tilde slash) sequence followed by a crafted STYLE element.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:gold:server_x64:*:*:*:*:*", "matchCriteriaId": "6B0F7775-1068-4A05-91FC-E1F6634F855A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp1:server:*:*:*:*:*", "matchCriteriaId": "9B437168-290C-460E-AF10-BB373054856B", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp1:server_itanium:*:*:*:*:*", "matchCriteriaId": "9929BFAC-3FFC-4836-B8D5-2947BC6B496E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server:*:*:*:*:*", "matchCriteriaId": "D76A280A-3E99-4A58-94D7-F92F8A9414D2", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server_itanium:*:*:*:*:*", "matchCriteriaId": "1BCA8432-4F15-40FB-AC89-8F26AE1EFE32", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server_x64:*:*:*:*:*", "matchCriteriaId": "F538C690-E6B0-4F50-9306-28FA55B4F8EB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:*:*:*:*:*:*", "matchCriteriaId": "ABC3CA16-2694-4C05-A404-029DB179C47D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:gold:media_center_2005:*:*:*:*:*", "matchCriteriaId": "1D07E13E-659F-480C-B8BA-F62D4B9B5234", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:gold:tablet_pc_2005:*:*:*:*:*", "matchCriteriaId": "59E405A0-8A83-4003-9398-4DDCB28BBAAA", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:gold:x64:*:*:*:*:*", "matchCriteriaId": "55F983ED-1270-4CF5-8DD1-006899EAE892", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "B4B659D4-6EDD-4A31-A7CC-70B12EBEB4D8", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:gold:server_x64:*:*:*:*:*", "matchCriteriaId": "6B0F7775-1068-4A05-91FC-E1F6634F855A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp1:server:*:*:*:*:*", "matchCriteriaId": "9B437168-290C-460E-AF10-BB373054856B", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp1:server_itanium:*:*:*:*:*", "matchCriteriaId": "9929BFAC-3FFC-4836-B8D5-2947BC6B496E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server:*:*:*:*:*", "matchCriteriaId": "D76A280A-3E99-4A58-94D7-F92F8A9414D2", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server_itanium:*:*:*:*:*", "matchCriteriaId": "1BCA8432-4F15-40FB-AC89-8F26AE1EFE32", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server_x64:*:*:*:*:*", "matchCriteriaId": "F538C690-E6B0-4F50-9306-28FA55B4F8EB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:*:*:*:*:*:*", "matchCriteriaId": "ABC3CA16-2694-4C05-A404-029DB179C47D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:itanium:*:*:*:*:*", "matchCriteriaId": "59F8A83B-899C-47CE-B444-E8B4AC7723C7", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:x64:*:*:*:*:*", "matchCriteriaId": "2B89E436-C99E-4F68-AADD-E5980B346E95", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:vista:sp1:x64:*:*:*:*:*", "matchCriteriaId": "C52FFD3E-195E-4A61-9789-AF5A3EFB3A62", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:gold:x64:*:*:*:*:*", "matchCriteriaId": "55F983ED-1270-4CF5-8DD1-006899EAE892", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*", "matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:gold:server_x64:*:*:*:*:*", "matchCriteriaId": "6B0F7775-1068-4A05-91FC-E1F6634F855A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp1:server:*:*:*:*:*", "matchCriteriaId": "9B437168-290C-460E-AF10-BB373054856B", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp1:server_itanium:*:*:*:*:*", "matchCriteriaId": "9929BFAC-3FFC-4836-B8D5-2947BC6B496E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server:*:*:*:*:*", "matchCriteriaId": "D76A280A-3E99-4A58-94D7-F92F8A9414D2", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server_itanium:*:*:*:*:*", "matchCriteriaId": "1BCA8432-4F15-40FB-AC89-8F26AE1EFE32", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2003:sp2:server_x64:*:*:*:*:*", "matchCriteriaId": "F538C690-E6B0-4F50-9306-28FA55B4F8EB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:gold:x64:*:*:*:*:*", "matchCriteriaId": "55F983ED-1270-4CF5-8DD1-006899EAE892", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*", "matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A419F50E-F32C-461C-95D0-978C5351FBAA", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a \"\u003c~/\" (less-than tilde slash) sequence followed by a crafted STYLE element." }, { "lang": "es", "value": "Request Validation (tambien conocida como filtros ValidateRequest) en ASP.NET de Microsoft .NET Framework con la actualizaci\u00f3n MS07-040, no detecta de forma adecuada las entradas peligrosas de clientes, lo que permite a atacantes, conducir ataques de secuencias de comandos en sitios cruzados (XSS) como se demostr\u00f3 mediante una petici\u00f3n que conten\u00eda la cadena \"\u003c~/\" (menor que, tilde y barra) seguida de un elemento STYLE manipulado." } ], "id": "CVE-2008-3843", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-08-27T20:41:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/4193" }, { "source": "cve@mitre.org", "url": "http://www.procheckup.com/PDFs/bypassing-dot-NET-ValidateRequest.pdf" }, { "source": "cve@mitre.org", "url": "http://www.procheckup.com/Vulnerability_PR08-20.php" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/495667/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/496071/100/0/threaded" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44743" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/4193" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.procheckup.com/PDFs/bypassing-dot-NET-ValidateRequest.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.procheckup.com/Vulnerability_PR08-20.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495667/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/496071/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44743" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-10-10 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "8208AFC9-0EFC-4A90-AD5A-FD94F5542885", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D4168AE-D19E-482E-8F2B-3E798B2D84E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "B5E149E7-B748-44F6-BB55-68D5BF87AF41", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*", "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*", "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*", "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*", "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*", "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*", "matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*", "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*", "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*", "matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*", "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*", "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*", "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*", "matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*", "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*", "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*", "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*", "matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*", "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*", "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*", "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*", "matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*", "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*", "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*", "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*", "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*", "matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en el control ActiveX de ayuda HTML (hhctrl.ocx) en Microsoft Windows 98, 98 SE, Me, NT4, 2000 y XP, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un par\u00e1metro largo en la funci\u00f3n Alink." } ], "id": "CVE-2002-0693", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-10-10T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=103365849505409\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=103419115517344\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=103435279404182\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10253.php" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/5874" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=103365849505409\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=103419115517344\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=103435279404182\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10253.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/5874" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A374" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-06-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages." }, { "lang": "es", "value": "La librer\u00eda Microsoft Secure Sockets Layer (SSL), usada en Windows 2000, Windows XP y Windows Server 2003, permite a atacantes remotos causar una denegaci\u00f3n de servicio mediante mensajes SSL malformados." } ], "id": "CVE-2004-0120", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-06-01T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/150236" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/10115" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15712" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A885" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A886" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A892" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-114.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/150236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/10115" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-104A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A885" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A886" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A892" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-06-10 18:00
Modified
2025-04-09 00:30
Severity ?
Summary
The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler Load Library Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:itanium:*", "matchCriteriaId": "39F303CD-DB64-4FE6-AB4F-461E5E8AFB83", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "17804445-2C63-4381-A721-7F3BB3DC645F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server:2008:*:*:*:*:*:itanium:*", "matchCriteriaId": "EF19CAA4-DAF7-4237-9F1F-153E28E19A01", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server:2008:*:sp2:*:*:*:itanium:*", "matchCriteriaId": "E8C46066-5DDF-4FB1-8EEC-CDFA8D588DB6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*", "matchCriteriaId": "BAB70FD5-09F3-4215-99C4-299EDE8D26DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x64:*", "matchCriteriaId": "06E7E0F7-AA6F-477C-AAA7-C0419CD2F3BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "ABBA5D64-4184-4420-B7D0-A4E41359AA5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka \"Print Spooler Load Library Vulnerability.\"" }, { "lang": "es", "value": "La cola de impresi\u00f3n de Windows en Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2 permite a usuraio autenticados remotamente obtener privilegios a trav\u00e9s de un mensaje RCP manipulado que lanza la carga de un archivo DLL desde un directorio de su elecci\u00f3n, tambi\u00e9n conocido como \"Vulnerabilidad en la carga librer\u00eda de la cola de impresi\u00f3n\"." } ], "id": "CVE-2009-0230", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-06-10T18:00:00.280", "references": [ { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "http://osvdb.org/54934" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35365" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/35209" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1022352" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1541" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://osvdb.org/54934" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35365" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/35209" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1022352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1541" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6287" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-02-12 23:00
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2003_server | 2003 | |
microsoft | windows_server_2003 | 2003 | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - | |
microsoft | webdav_mini-redirector | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "938477CF-6103-47C3-B30E-53F9175CFF34", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:2003:sp1:*:*:*:*:*:*", "matchCriteriaId": "CC15A6FF-E573-4AD7-AEA7-CC041E25C347", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:x64:*:*:*:*:*", "matchCriteriaId": "5894A4E3-D063-4BE2-8579-B9BBF581EE98", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:webdav_mini-redirector:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EF404C4-8342-4703-92B8-183D74B5B9A0", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en el WebDAV Mini-Redirector de Microsoft Windows XP SP2, Server 2003 SP1 y SP2 y Vista permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una respuesta WebDAV manipulada." } ], "id": "CVE-2008-0080", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-02-12T23:00:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/28894" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/27670" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1019372" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/0509/references" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-007" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27670" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0509/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5381" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-12-09 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | office_converter_pack | * | |
microsoft | office_word | 2002 | |
microsoft | office_word | 2003 | |
microsoft | wordpad | * | |
microsoft | works | 8.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:office_converter_pack:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C6C8409-397E-40DF-A645-6409189D450D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_word:2002:sp3:*:*:*:*:*:*", "matchCriteriaId": "0E99B12F-0DB7-4D0F-AD54-DD906CC8E3BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_word:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "CDA5243A-BA58-41BC-8FFC-317239E511C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:wordpad:*:*:*:*:*:*:*:*", "matchCriteriaId": "2531DDF2-D2AA-4919-B756-28478AEA5AA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow." }, { "lang": "es", "value": "Desbordamiento de enteros en los convertidores de texto en Microsoft Office Word 2002 SP3 y 2003 SP3; Works versi\u00f3n 8.5; Office Converter Pack; y WordPad en Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP2 permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo DOC con un n\u00famero no v\u00e1lido de nombre de propiedad en la transmisi\u00f3n DocumentSummaryInformation, lo que desencadena un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria." } ], "id": "CVE-2009-2506", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-09T18:30:00.313", "references": [ { "source": "secure@microsoft.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=834" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100070184" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/37216" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-342A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-073" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5846" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100070184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37216" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-342A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5846" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-11 18:47
Modified
2025-04-11 00:51
Severity ?
Summary
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of service (system hang) via a crafted application, aka "Win32k Bounds Checking Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of service (system hang) via a crafted application, aka \"Win32k Bounds Checking Vulnerability.\"" }, { "lang": "es", "value": "Los drivers kernel-mode de Windows en win32k.sys de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, y R2, and Windows 7 no validan adecuadamente un argumento system-call no especificado, lo cual permite a usuarios locales causar una denegaci\u00f3n de servicio (cuelgue de sistema) a trav\u00e9s de aplicaciones manipuladas, tambi\u00e9n conocido como \"Vulnerabilidad Win32k Bounds Checking\"." } ], "id": "CVE-2010-1887", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 4.4, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 2.7, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-11T18:47:49.953", "references": [ { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-048" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-048" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11020" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-10-15 00:12
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle errors associated with access to uninitialized memory, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Objects Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "8D91FC0B-92FA-4182-9B87-A462850BD510", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*", "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "8D91FC0B-92FA-4182-9B87-A462850BD510", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*", "matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*", "matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*", "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle errors associated with access to uninitialized memory, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka \"HTML Objects Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 5.01 SP4 y 6 no gestiona correctamente los errores asociados con el acceso a memoria no inicializada, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento HTML, tambi\u00e9n conocido como \"HTML Objects Memory Corruption Vulnerability (Vulnerabilidad de Corrupci\u00f3n de Memoria de Objetos HTML)\"." } ], "id": "CVE-2008-3476", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-10-15T00:12:15.863", "references": [ { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/31618" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021047" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/2809" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45564" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45565" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13344" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/31618" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2809" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45564" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45565" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13344" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-10-12 02:52
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "BADB0479-3E0E-4326-B568-9DBDCACF0B5E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:*:*:*:*", "matchCriteriaId": "A9408620-06A8-4A3C-97C8-41A688282E3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:*:*:*:*", "matchCriteriaId": "A9408620-06A8-4A3C-97C8-41A688282E3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka \"Scroll Event Remote Code Execution Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n accediendo a un objeto eliminado. Tambi\u00e9n conocidacomo \"vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo del evento Scroll\"." } ], "id": "CVE-2011-1993", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-10-12T02:52:43.503", "references": [ { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081" }, { "source": "secure@microsoft.com", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12705" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "0C610747-93E5-4014-8ED2-47F333174832", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A419F50E-F32C-461C-95D0-978C5351FBAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "0C610747-93E5-4014-8ED2-47F333174832", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "B4B659D4-6EDD-4A31-A7CC-70B12EBEB4D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "0C610747-93E5-4014-8ED2-47F333174832", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka \"Microsoft .NET Framework Pointer Verification Vulnerability.\"" }, { "lang": "es", "value": "Microsoft .NET Framework v1.0 SP3, v1.1 SP1, y v2.0 SP1 no valida adecuadamente el c\u00f3digo de .NET, lo que permite a atacantes remotos obtener accesos no previstos a la memoria de la pila y ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) una aplicaci\u00f3n de navegador XAML (XBAP), (2) una aplicaci\u00f3n ASP.NET manipulada, o (3) una aplicaci\u00f3n .NET Framework manipulada, tambi\u00e9n conocido como \"Vulnerabilidad de verificaci\u00f3n de puntero de Microsoft .NET Framework\"." } ], "id": "CVE-2009-0090", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-10-14T10:30:00.420", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-061" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5716" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5716" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-07-30 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0FB273F-C654-4E6C-A1D9-2B9843AED5D1", "versionEndIncluding": "5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "46D8318A-9383-42A7-9A6A-2EB2736338B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDAE0519-97A9-48AD-9E8F-DA3B99AAFF7B", "versionEndIncluding": "4.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "46D8318A-9383-42A7-9A6A-2EB2736338B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index." }, { "lang": "es", "value": "Error de entero sin signo en WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de vectores de ataque que involucran un \u00edndice de array JavaScript." } ], "id": "CVE-2010-1791", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-07-30T20:30:02.237", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/42314" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4276" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4334" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4456" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/42020" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4276" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/42020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11802" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-06-16 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information Disclosure Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | internet_explorer | 8 | |
microsoft | windows_7 | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_vista | - | |
microsoft | windows_vista | - | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka \"MIME Sniffing Information Disclosure Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 8 no maneja adecuadamente las opciones de contenido en las respuestas HTTP, lo que permite a servidores web remotos obtener informaci\u00f3n sensible desde distintos (1) domain o (2) zone a trav\u00e9s de una respuesta manipulada." } ], "id": "CVE-2011-1246", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-06-16T20:55:01.387", "references": [ { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050" }, { "source": "secure@microsoft.com", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12464" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-09-18 19:17
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apple | mac_os_x | * | |
hp | hp-ux | * | |
hp | tru64 | * | |
ibm | aix | * | |
ibm | os2 | * | |
linux | linux_kernel | * | |
mandrakesoft | mandrake_linux | 2007 | |
mandrakesoft | mandrake_linux | 2007 | |
mandrakesoft | mandrake_linux | 2007.1 | |
mandrakesoft | mandrake_linux | 2007.1 | |
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_98 | * | |
microsoft | windows_me | * | |
microsoft | windows_nt | 4.0 | |
microsoft | windows_xp | * | |
santa_cruz_operation | sco_unix | * | |
sun | solaris | * | |
windriver | bsdos | * | |
mplayer | mplayer | 1.0_rc1 | |
sgi | irix | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false }, { "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*", "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570", "vulnerable": false }, { "criteria": "cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FE64F3F-48F6-493F-A81E-2B106FF73AC1", "vulnerable": false }, { "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79", "vulnerable": false }, { "criteria": "cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD5511BD-2A41-4FF6-BD3F-9448F3F8AC90", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*", "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_98:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD1B68C0-2676-4F21-8EF0-1749103CB8C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*", "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false }, { "criteria": "cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECCBDA43-9C75-4B36-8C90-EF26B8CD777D", "vulnerable": false }, { "criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*", "matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9", "vulnerable": false }, { "criteria": "cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*", "matchCriteriaId": "60ACA374-1434-4C02-8327-17BC9C000B65", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:mplayer:mplayer:1.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "83E84D8D-93DA-47C1-9282-E127CD1862E5", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*", "matchCriteriaId": "056B3397-81A9-4128-9F49-ECEBE1743EE8", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo .avi con cierto \"tama\u00f1o indx tratado\" y valores nEntriesInuse, y un cierto valor wLongsPerEntry." } ], "id": "CVE-2007-4938", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-09-18T19:17:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://osvdb.org/45940" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27016" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3144" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/25648" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/45940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3144" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/25648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-01-07 23:00
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | internet_explorer | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*", "matchCriteriaId": "8682FAF3-98E3-485C-89CB-C0358C4E2AB0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz." }, { "lang": "es", "value": "Microsoft Internet Explorer en Windows XP permite a atacantes remotos provocar una incorrecta pantalla GUI y tener un impacto no especificado a trav\u00e9s de vectores relacionados con la implementaci\u00f3n DOM, como lo demuestra cross_fuzz." } ], "id": "CVE-2011-0347", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-01-07T23:00:20.390", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html" }, { "source": "cve@mitre.org", "url": "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx" }, { "source": "cve@mitre.org", "url": "http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html" }, { "source": "cve@mitre.org", "url": "http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt" }, { "source": "cve@mitre.org", "url": "http://lcamtuf.coredump.cx/cross_fuzz/msie_display.jpg" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.microsoft.com/technet/security/advisory/2490606.mspx" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/515506/100/0/threaded" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64571" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12514" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lcamtuf.coredump.cx/cross_fuzz/msie_display.jpg" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.microsoft.com/technet/security/advisory/2490606.mspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/515506/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64571" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12514" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-08-12 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka "Malformed AVI Header Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*", "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*", "matchCriteriaId": "D21D1DFE-F61B-407E-A945-4F42F86947B0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:*", "matchCriteriaId": "3461CEA0-6CCF-4AA9-B83A-420E1310C83C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*", "matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka \"Malformed AVI Header Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad no especificada en la biblioteca Avifil32.dll en la funcionalidad de manejo de archivos de Windows Media en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1 y SP2, y Server 2008 Gold y SP2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un encabezado con formato incorrecto en un archivo AVI creado, tambi\u00e9n se conoce como \"Malformed AVI Header Vulnerability.\"" } ], "id": "CVE-2009-1545", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-08-12T17:30:00.577", "references": [ { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36206" }, { "source": "secure@microsoft.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/35967" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022711" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2233" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-038" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5412" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36206" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/35967" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2233" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5412" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-06-16 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, which allows remote attackers to execute arbitrary code via a crafted font file, aka "Win32k OTF Validation Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_7 | - | |
microsoft | windows_7 | - | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, which allows remote attackers to execute arbitrary code via a crafted font file, aka \"Win32k OTF Validation Vulnerability.\"" }, { "lang": "es", "value": "win32k.sys en los controladores (drivers) que se encuentren en modo-n\u00facleo (kernel) de Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, R2 y R2 SP1, y Windows 7 Gold y SP1 e plataforma de 64-bits, no valida adecuadamente los punteros durante el an\u00e1lisis (parseo) de las fuentes OpenType (tambi\u00e9n conocida como OTF). Esto permite a los atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero de fuentes modificado. Tambi\u00e9n se conoce como \"Vulnerabilidad de Validaci\u00f3n de Win32k OTF\"" } ], "id": "CVE-2011-1873", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-06-16T20:55:02.510", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/44893" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/48183" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025638" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-041" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67732" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/44893" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/48183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025638" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67732" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12725" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-10-06 10:02
Modified
2025-04-03 01:03
Severity ?
Summary
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://support.microsoft.com/kb/831374 | Patch, Vendor Advisory | |
cve@mitre.org | http://support.microsoft.com/kb/831375 | Patch, Vendor Advisory | |
cve@mitre.org | http://support.microsoft.com/kb/900345 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.microsoft.com/kb/831374 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.microsoft.com/kb/831375 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.microsoft.com/kb/900345 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*", "matchCriteriaId": "330B6798-5380-44AD-9B52-DF5955FA832C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed." } ], "id": "CVE-2005-3177", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-10-06T10:02:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/831374" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/831375" }, { "source": "cve@mitre.org", "url": "http://support.microsoft.com/kb/900345" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/831374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://support.microsoft.com/kb/831375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.microsoft.com/kb/900345" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-02-12 23:00
Modified
2025-04-09 00:30
Severity ?
Summary
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "972ADDBC-5D6E-48D5-9DB7-44FE0539807D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "2A0607E7-B416-4AF8-ADF6-6E503627DD29", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:x64:*:*:*:*:*", "matchCriteriaId": "135FCE5E-4296-4D8C-AF7B-84D20CD275EB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "972ADDBC-5D6E-48D5-9DB7-44FE0539807D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:x64:*:*:*:*:*", "matchCriteriaId": "135FCE5E-4296-4D8C-AF7B-84D20CD275EB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka \"Property Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "La vulnerabilidad de Uso de la Memoria Previamente Liberada en Microsoft Internet Explorer versiones 6 SP1, 6 SP2 y 7 permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por la asignaci\u00f3n de valores malformados a determinadas propiedades, como se demuestra mediante la propiedad de un elemento de animateMotion SVG, tambi\u00e9n se conoce como \"Property Memory Corruption Vulnerability\"" } ], "id": "CVE-2008-0077", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2008-02-12T23:00:00.000", "references": [ { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661" }, { "source": "secure@microsoft.com", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/28903" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/228569" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/488048/100/0/threaded" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/27666" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1019380" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0512/references" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-006.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/28903" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/228569" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/488048/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/27666" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1019380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0512/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-08 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka \"OpenType CFF Font Driver Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad sin especificar en el driver Windows OpenType Compact Font Format (CFF) en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista SP1 y SP2, Server 2008 SP2 y R2, and Windows 7 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores desconocidos relacionados con una validaci\u00f3n inapropiada cuando se copian datos desde el modo usuario al modo kernel, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de memoria OpenType CFF Font Driver\"" } ], "id": "CVE-2010-0819", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-06-08T20:30:01.773", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/40572" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-037" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58884" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7072" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/40572" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58884" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7072" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-10-12 02:52
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
References
▼ | URL | Tags | |
---|---|---|---|
secure@microsoft.com | http://www.securityfocus.com/bid/49964 | Broken Link, Third Party Advisory, VDB Entry | |
secure@microsoft.com | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 | Patch, Vendor Advisory | |
secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12697 | Tool Signature | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/49964 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12697 | Tool Signature |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | internet_explorer | 8 | |
microsoft | windows_7 | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_vista | - | |
microsoft | windows_vista | - | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:*:*:*:*", "matchCriteriaId": "A9408620-06A8-4A3C-97C8-41A688282E3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a \"dereferenced memory address,\" aka \"Select Element Remote Code Execution Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v8 no asigna ni accede correctamente a la memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores que implican una \"direcci\u00f3n de memoria no referenciada\". Tambi\u00e9n conocida como \"vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo del elemento Select\"." } ], "id": "CVE-2011-1999", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-10-12T02:52:43.737", "references": [ { "source": "secure@microsoft.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/49964" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081" }, { "source": "secure@microsoft.com", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12697" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/49964" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12697" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-07-29 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption by adding malformed elements to an empty DIV element, related to the getElementsByTagName method, aka "HTML Objects Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "A74985B6-BCA5-49E3-878B-77D7FA43070C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*", "matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*", "matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption by adding malformed elements to an empty DIV element, related to the getElementsByTagName method, aka \"HTML Objects Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v5.01 SP4 y v6 SP1; Internet Explorer 6 para Windows XP SP2 y SP3 y Server 2003 SP2; e Internet Explorer 7 y 8 for Windows XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 Gold y SP2, no maneja adecuadamente las operaciones con tablas, lo que permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento HTML manipulado que provoca una corrupci\u00f3n de memoria. Tambi\u00e9n conocida como \"Vulnerabilidad de corrupci\u00f3n de Memoria en objetos HTML\"." } ], "id": "CVE-2009-1918", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-07-29T17:30:01.170", "references": [ { "source": "secure@microsoft.com", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=953693" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/505523/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/35826" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022611" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/2033" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-047" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-034" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=953693" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/505523/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/35826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022611" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/2033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5524" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-04-14 16:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*", "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka \"MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en los codificadores de audio MPEG Layer-3 en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, SP2, y Server 2008 Gold y SP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero AVI manipulado, conocido como \"vulnerabilidad de desbordamiento de pila en el decodificador de audio MPEG Layer-3\"" } ], "id": "CVE-2010-0480", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-04-14T16:00:01.803", "references": [ { "source": "secure@microsoft.com", "url": "http://securityreason.com/securityalert/8336" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-026" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7441" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7441" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-01-21 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apple | quicktime | * | |
apple | quicktime | - | |
apple | quicktime | 3.0 | |
apple | quicktime | 4.1.2 | |
apple | quicktime | 5.0 | |
apple | quicktime | 5.0.1 | |
apple | quicktime | 5.0.2 | |
apple | quicktime | 6.0 | |
apple | quicktime | 6.1 | |
apple | quicktime | 6.5 | |
apple | quicktime | 6.5.1 | |
apple | quicktime | 6.5.2 | |
apple | quicktime | 7.0 | |
apple | quicktime | 7.0.1 | |
apple | quicktime | 7.0.2 | |
apple | quicktime | 7.0.3 | |
apple | quicktime | 7.0.4 | |
apple | quicktime | 7.1 | |
apple | quicktime | 7.1.1 | |
apple | quicktime | 7.1.2 | |
apple | quicktime | 7.1.3 | |
apple | quicktime | 7.1.4 | |
apple | quicktime | 7.1.5 | |
apple | quicktime | 7.1.6 | |
apple | quicktime | 7.2 | |
apple | quicktime | 7.3 | |
apple | quicktime | 7.3.1 | |
apple | quicktime | 7.3.1.70 | |
apple | quicktime | 7.4 | |
apple | quicktime | 7.4.1 | |
apple | quicktime | 7.4.4 | |
apple | quicktime | 7.4.5 | |
apple | quicktime | 7.5 | |
apple | mac_os_x | 10.4.9 | |
apple | mac_os_x | 10.5 | |
apple | mac_os_x | 10.5.1 | |
apple | mac_os_x | 10.5.2 | |
apple | mac_os_x | 10.5.3 | |
apple | mac_os_x | 10.5.4 | |
apple | mac_os_x | 10.5.5 | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "matchCriteriaId": "26878E5F-2CE4-4867-A33F-3E531802EABC", "versionEndIncluding": "7.5.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EE08FAE-0862-4C36-95BC-878B04CBF397", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F71BC599-FCBE-4F1F-AA24-41AF91F82226", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "41473E1D-B988-4312-B16B-D340508DD473", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCC2EBC0-F2A6-4709-9A27-CF63BC578744", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "844E1B14-A13A-47F1-9C82-02EAEED1A911", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "80747BDD-70E9-4E74-896F-C79D014F1B2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA1E140B-BCB4-4B3C-B287-E9E944E08DB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2CE0B67-0794-472D-A2C0-CC5CA0E36370", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "98C9B657-5484-4458-861E-D6FB5019265A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "1EF20D38-BFA3-4403-AB24-7B74EFD68229", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2CE2A89-B2FC-413D-A059-526E6DE301BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*", "matchCriteriaId": "7F9F7DCE-EE65-4CD5-AA21-208B2AAF09EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "31662D02-7FA9-4FAD-BE49-194B7295CEE1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8461AF0A-D4D3-4010-A881-EDBB95003083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "A9E1332A-5B4D-4590-BFA5-4557C71F894B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "5C8E5C77-573F-4EA3-A59C-4A7B11946E93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "0DC01580-460A-4DC3-BB6D-A9B2254EF6D8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Apple QuickTime anterior a v7.6 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cierre de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una URL RTSP manipulada." } ], "id": "CVE-2009-0001", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-01-21T20:30:00.250", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jan/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/33632" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3403" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/33385" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-022A.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/0212" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48154" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6135" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jan/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33632" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3403" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/33385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-022A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6135" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-08-10 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2003_server | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka \"NDISTAPI Elevation of Privilege Vulnerability.\"" }, { "lang": "es", "value": "NDISTAPI.sys del controlador NDISTAPI en el servicio de acceso remoto (RAS) de Microsoft Windows XP SP2 y SP3 y Windows Server 2003 SP2 no valida apropiadamente la entrada de modo usuario, lo que permite a usuarios locales escalar privilegios a trav\u00e9s de una aplicaci\u00f3n modificada. Tambi\u00e9n conocida como \"vulnerabilidad de escalado de privlegios NDISTAPI\"." } ], "id": "CVE-2011-1974", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-08-10T21:55:01.890", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/48996" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-221A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-062" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12912" }, { "source": "secure@microsoft.com", "url": "https://www.exploit-db.com/exploits/40627/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/48996" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-221A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12912" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/40627/" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-04-10 21:19
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | gold | |
microsoft | windows_2003_server | gold | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_2003_server | sp2 | |
microsoft | windows_2003_server | sp2 | |
microsoft | windows_2003_server | sp2 | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:gold:*:*:*:*:*:*:*", "matchCriteriaId": "B058588A-88F3-4789-8EA9-0D37447B08CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:gold:*:itanium:*:*:*:*:*", "matchCriteriaId": "3C9649DB-D417-4CCC-9F61-685ECB355AD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*", "matchCriteriaId": "7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:x64:*:*:*:*:*", "matchCriteriaId": "C0507FBE-8679-4CE3-946A-E91CD8DAEC41", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*", "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*", "matchCriteriaId": "D21D1DFE-F61B-407E-A945-4F42F86947B0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:*", "matchCriteriaId": "3461CEA0-6CCF-4AA9-B83A-420E1310C83C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*", "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Microsoft Agent (msagent\\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Microsoft Agent (msagent\\agentsvr.exe) en Windows 2000 SP4, XP SP2, y Server 2003, 2003 SP1, y 2003 SP2 permite a aacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una URL manipulada, lo cual deriva en una corrupci\u00f3n de memoria." } ], "id": "CVE-2007-1205", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-04-10T21:19:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/22896" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/secunia_research/2006-74/advisory/" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/728057" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/465235/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/23337" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1017896" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-100A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2007/1324" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/22896" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/secunia_research/2006-74/advisory/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/728057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/465235/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23337" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017896" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-100A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-05-24 20:55
Modified
2025-04-11 00:51
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_7 | - | |
microsoft | windows_8 | - | |
microsoft | windows_rt | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_server_2012 | - | |
microsoft | windows_vista | - | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - |
{ "cisaActionDue": "2022-04-18", "cisaExploitAdd": "2022-03-28", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka \"Win32k Read AV Vulnerability.\"" }, { "lang": "es", "value": "La funcion EPATHOBJ::pprFlattenRec en win32k.sys en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, y Windows RT, no inicializar correctamente un puntero para el siguiente objeto en una lista determinada, lo que permite a usuarios locales obtener acceso de escritura a la cadena PATHRECORD y, por lo tanto, ganar privilegios mediante la activaci\u00f3n de un consumo excesivo de memoria paginada y posteriormente hacer muchas llamadas a funciones FlattenPath." } ], "id": "CVE-2013-3660", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2013-05-24T20:55:01.903", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0090.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0094.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0006.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/53435" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://twitter.com/taviso/statuses/309157606247768064" }, { "source": "cve@mitre.org", "tags": [ "Not Applicable" ], "url": "http://twitter.com/taviso/statuses/335557286657400832" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.computerworld.com/s/article/9239477" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://www.exploit-db.com/exploits/25611/" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/93539" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking" ], "url": "http://www.reddit.com/r/netsec/comments/1eqh66/0day_windows_kernel_epathobj_vulnerability/" }, { "source": "cve@mitre.org", "tags": [ "Press/Media Coverage" ], "url": "http://www.theverge.com/2013/5/23/4358400/google-engineer-bashes-microsoft-discloses-windows-flaw" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-190A" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-053" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0090.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0094.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/53435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://twitter.com/taviso/statuses/309157606247768064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Not Applicable" ], "url": "http://twitter.com/taviso/statuses/335557286657400832" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.computerworld.com/s/article/9239477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://www.exploit-db.com/exploits/25611/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/93539" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking" ], "url": "http://www.reddit.com/r/netsec/comments/1eqh66/0day_windows_kernel_epathobj_vulnerability/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Press/Media Coverage" ], "url": "http://www.theverge.com/2013/5/23/4358400/google-engineer-bashes-microsoft-discloses-windows-flaw" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-190A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17360" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2008-03-25 16:44
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "685F1981-EA61-4A00-89F8-A748A88962F8", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:word:2000:sp3:*:*:*:*:*:*", "matchCriteriaId": "C426AFDD-870F-4CAD-9E93-636714984259", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*", "matchCriteriaId": "F02894C4-57A7-45FE-B9D2-1A0EE3ABA455", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "A4182673-402A-4801-9A0F-2516EE923DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word:2003_sp3:*:*:*:*:*:*:*", "matchCriteriaId": "EA77105B-D33D-44D1-BBB0-98EC8A59F69F", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:*", "matchCriteriaId": "A9B12493-4287-4AAD-9A18-D3FC3FCBE172", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word:2007_sp1:*:*:*:*:*:*:*", "matchCriteriaId": "1A89CC23-C0B7-4050-AA21-CF74FE9ADE1B", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la biblioteca msjet40.dll anterior a la versi\u00f3n 4.0.9505.0 en el Motor de Base de datos de Microsoft Jet permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo de Word creado, tal y como se explot\u00f3 \u201cin the wild\u201d en marzo de 2008. NOTA: a partir de 20080513, Microsoft ha declarado que este es el mismo problema que el CVE-2007-6026." } ], "id": "CVE-2008-1092", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-03-25T16:44:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/936529" }, { "source": "secure@microsoft.com", "url": "http://www.microsoft.com/technet/security/advisory/950627.mspx" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1019686" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/936529" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.microsoft.com/technet/security/advisory/950627.mspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019686" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41380" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-09-27 21:17
Modified
2025-04-09 00:30
Severity ?
Summary
Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apple | iphone_os | 1.1.1 | |
apple | safari | * | |
apple | mac_os_x | 10.4 | |
apple | mac_os_x | 10.4.1 | |
apple | mac_os_x | 10.4.2 | |
apple | mac_os_x | 10.4.3 | |
apple | mac_os_x | 10.4.4 | |
apple | mac_os_x | 10.4.5 | |
apple | mac_os_x | 10.4.6 | |
apple | mac_os_x | 10.4.7 | |
apple | mac_os_x | 10.4.8 | |
apple | mac_os_x | 10.4.9 | |
apple | mac_os_x | 10.4.10 | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
apple | safari | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CB75258-E523-4F5A-BE8C-436CB4D68447", "versionEndIncluding": "3.0.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain." }, { "lang": "es", "value": "Safari en Apple iPhone versiones anteriores a 1.1.1 y Safari versi\u00f3n 3 anterior a Beta Update 3.0.4 en Windows y Mac OS X versiones 10.4 hasta 10.4.10, permite a atacantes remotos obtener informaci\u00f3n confidencial por medio de una p\u00e1gina web dise\u00f1ada que identifica la URL de la ventana principal, incluso cuando la ventana principal est\u00e1 en un dominio diferente." } ], "id": "CVE-2007-3756", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-09-27T21:17:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=306586" }, { "source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=307041" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26983" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27643" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018752" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25859" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26444" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3287" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3868" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36855" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=306586" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=307041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26983" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27643" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018752" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25859" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26444" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36855" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-03-13 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CElement Use After Free Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en Microsoft Internet Explorer 8 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un sitio web dise\u00f1ado que desencadena el acceso a un objeto eliminado, tambi\u00e9n conocido como \"Internet Explorer CElement, vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n\"." } ], "id": "CVE-2013-0091", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-03-13T00:55:01.327", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16526" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-071A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16526" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-03-09 23:00
Modified
2025-04-11 00:51
Severity ?
Summary
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DVR-MS Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp_media_center | 2005 | |
microsoft | windows_7 | - | |
microsoft | windows_7 | - | |
microsoft | windows_7 | - | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_media_center_tv_pack | * | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_xp_media_center:2005:sp3:*:*:*:*:*:*", "matchCriteriaId": "30D0FF32-8A9D-43EE-908A-43053712F3D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_center_tv_pack:*:*:*:*:*:*:*:*", "matchCriteriaId": "79A15029-0552-4906-B2D4-69B6E0C52520", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x32:*:*:*:*:*", "matchCriteriaId": "178F2B55-D3D9-4C38-A5FC-BA8F94A985A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka \"DVR-MS Vulnerability.\"" }, { "lang": "es", "value": "SBE.dll de Stream Buffer Engine de Windows Media Player y Windows Media Center de Microsoft Windows XP SP2 y SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 y SP2, Windows 7 Gold y SP1, y Windows Media Center TV Pack para Windows Vista no procesa apropiadamente ficheros Digital Video Recording (.dvr-ms), lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero modificado. Tambi\u00e9n coocido como \"vulnerabilidad DVR-MS\"." } ], "id": "CVE-2011-0042", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2011-03-09T23:00:01.857", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/71016" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/43626" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/46680" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025169" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-067A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2011/0615" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-015" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12281" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/71016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43626" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46680" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025169" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-067A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0615" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-015" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12281" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-12-12 00:46
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_xp | * | |
microsoft | message_queuing | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:pro:*:*:*:*:*", "matchCriteriaId": "C6C99A6D-BE32-4634-9261-81E26983FB84", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:srv:*:*:*:*:*", "matchCriteriaId": "F200FFC6-7D0E-4500-AB65-8785FD1EEC24", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:message_queuing:*:*:*:*:*:*:*:*", "matchCriteriaId": "F31DB341-76D4-44F6-B0DD-107775495110", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el servicio Microsoft Message Queuing Service (MSMQ) en Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4 y Windows XP SP2 permite a los atacantes ejecutar c\u00f3digo arbitrario por medio de una cadena larga en una llamada RPC 0x06 opnum al puerto 2103. NOTA: esto es explotable de forma remota en Windows 2000 Server." } ], "id": "CVE-2007-3039", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-12-12T00:46:00.000", "references": [ { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28011" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28051" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/484891/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/26797" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1019077" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2007/4181" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-076.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-065" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4474" }, { "source": "secure@microsoft.com", "url": "https://www.exploit-db.com/exploits/4745" }, { "source": "secure@microsoft.com", "url": "https://www.exploit-db.com/exploits/4760" }, { "source": "secure@microsoft.com", "url": "https://www.exploit-db.com/exploits/4934" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/484891/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/4181" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-076.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4474" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/4745" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/4760" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/4934" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-08-25 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Race condition in BitDefender Total Security 2010 13.0.20.347 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
bitdefender | bitdefender_total_security_2010 | 13.0.20.347 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:bitdefender:bitdefender_total_security_2010:13.0.20.347:*:*:*:*:*:*:*", "matchCriteriaId": "D569CDD8-8AC3-41E2-B302-FD182BCBD86C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "Race condition in BitDefender Total Security 2010 13.0.20.347 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute" }, { "lang": "es", "value": "** EN DISPUTA ** Condici\u00f3n de Carrera en BitDefender Total Security 2010 v13.0.20.347 para Windows XP permite a usuarios locales eludir los manejadores de hooks a nivel de kernel, y ejecutar c\u00f3digo peligroso que de otra manera ser\u00eda bloqueada por el manejador y no por una detecci\u00f3n basada en firma de malware. Esto se consigue a trav\u00e9s de ciertos cambios en la memoria de espacio de usuario durante la ejecuci\u00f3n del manejador de hooks. Se trata de un problema tambi\u00e9n conocido como un ataque argument-switch o un ataque KHOBE. NOTA: este problema es discutido por algunos, ya que es un defecto en un mecanismo de protecci\u00f3n para situaciones en las que un programa hecho a mano ya ha comenzado a ejecutarse.\r\n" } ], "id": "CVE-2010-5154", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-08-25T21:55:02.460", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" }, { "source": "cve@mitre.org", "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" }, { "source": "cve@mitre.org", "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "cve@mitre.org", "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "cve@mitre.org", "url": "http://www.f-secure.com/weblog/archives/00001949.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/67660" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/39924" }, { "source": "cve@mitre.org", "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.f-secure.com/weblog/archives/00001949.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/67660" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/39924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-11 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML element that has custom vertical positioning.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML element that has custom vertical positioning." }, { "lang": "es", "value": "Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n o causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) a trav\u00e9s de elementos HTML que tiene la posici\u00f3n vertical a medida." } ], "id": "CVE-2010-1405", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-06-11T18:00:32.737", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/40196" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/42314" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://securitytracker.com/id?1024067" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4220" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4225" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4456" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/40659" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7252" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/40196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1024067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/40659" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7252" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-06-27 00:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * | |
microsoft | msn_messenger | 4.7 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:msn_messenger:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "E0E2AB3A-983D-4553-9938-8BC32384A05B", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation." }, { "lang": "es", "value": "Microsoft MSN Messenger 4.7 en Windows XP permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de recursos) mediante una inundaci\u00f3n de peticiones SIP INVITE al puerto especificado para conversaci\u00f3n por voz." } ], "id": "CVE-2007-3436", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-06-27T00:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://osvdb.org/45427" }, { "source": "cve@mitre.org", "url": "http://www.sipera.com/index.php?action=resources%2Cthreat_advisory\u0026tid=292\u0026" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/45427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.sipera.com/index.php?action=resources%2Cthreat_advisory\u0026tid=292\u0026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35064" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "207B8A6E-5158-4636-91D8-38021B91CB42", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "EAB2E520-56D9-4B3F-99BA-EBC04AC30E4F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "61E9C554-757E-4912-A3F6-6F1DB17483AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*", "matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "EEAFE154-7058-40A1-9806-22476A7DF0BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "394F16B8-C29F-445A-AA47-AA82F78CFA20", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1:*:*:*:*:*:*", "matchCriteriaId": "A2A2852D-64BE-40B1-8811-02EBDC1E044E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*", "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*", "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*", "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*", "matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*", "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*", "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*", "matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*", "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*", "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*", "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*", "matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*", "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*", "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*", "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*", "matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*", "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*", "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*", "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*", "matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*", "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*", "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*", "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*", "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*", "matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*", "matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*", "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file." }, { "lang": "es", "value": "El desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en winhlp32.exe en Windows NT, Windows 2000 a SP4, Windows XP a SP2 y Windows 2003 permite a los atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo.hlp dise\u00f1ado." } ], "id": "CVE-2004-1306", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2004-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110383690219440\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/12092" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.xfocus.net/flashsky/icoExp/" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18678" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110383690219440\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/12092" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.xfocus.net/flashsky/icoExp/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18678" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-05-10 02:14
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:distributed_transaction_coordinator:*:*:*:*:*:*:*:*", "matchCriteriaId": "17CE5AD3-C232-4C54-9A92-558D9E3DD708", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*", "matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*", "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*", "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*", "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*", "matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*", "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*", "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*", "matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*", "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "BB76E7EC-C396-4537-9065-4E815DA7097C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*", "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*", "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*", "matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*", "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*", "matchCriteriaId": "4CD026E2-B073-40A6-AD4A-8C76B9169B01", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*", "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*", "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*", "matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*", "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*", "matchCriteriaId": "DBFB3E49-3FB5-4947-856D-727CBFFBA543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*", "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*", "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*", "matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*", "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "B9236480-6450-42E1-B1FF-F336488A683A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*", "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*", "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*", "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*", "matchCriteriaId": "14F55877-A759-4C8A-84D5-70508E449799", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*", "matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*", "matchCriteriaId": "B95B2BE4-B4E0-4B77-9999-53B9224F5CB1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*", "matchCriteriaId": "ADEBB882-1C55-4B7B-B4CF-F1B23502FD90", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability." } ], "id": "CVE-2006-0034", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-05-10T02:14:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html" }, { "source": "secure@microsoft.com", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/20000" }, { "source": "secure@microsoft.com", "url": "http://securityreason.com/securityalert/863" }, { "source": "secure@microsoft.com", "url": "http://securitytracker.com/id?1016047" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.eeye.com/html/research/advisories/AD20060509a.html" }, { "source": "secure@microsoft.com", "url": "http://www.osvdb.org/25335" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded" }, { "source": "secure@microsoft.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/17906" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1742" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/20000" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.eeye.com/html/research/advisories/AD20060509a.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/25335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/17906" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1742" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-10-10 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "8208AFC9-0EFC-4A90-AD5A-FD94F5542885", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D4168AE-D19E-482E-8F2B-3E798B2D84E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "B5E149E7-B748-44F6-BB55-68D5BF87AF41", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*", "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*", "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*", "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*", "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*", "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*", "matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*", "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*", "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*", "matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*", "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*", "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*", "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*", "matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*", "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*", "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*", "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*", "matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*", "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*", "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*", "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*", "matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*", "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*", "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*", "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*", "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*", "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*", "matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka \"Code Execution via Compiled HTML Help File.\"" } ], "id": "CVE-2002-0694", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-10-10T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10254.php" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10254.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-02-10 18:30
Modified
2025-04-11 00:51
Severity ?
Summary
The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests, related to server-generated challenges, certain "duplicate values," and spoofing of an authentication token, aka "SMB NTLM Authentication Lack of Entropy Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "4D5F7729-A095-43DF-BF2F-B4B6938087FA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of entropy, which allows remote attackers to obtain access to files and other SMB resources via a large number of authentication requests, related to server-generated challenges, certain \"duplicate values,\" and spoofing of an authentication token, aka \"SMB NTLM Authentication Lack of Entropy Vulnerability.\"" }, { "lang": "es", "value": "La implementaci\u00f3n del SMB en el servicio Server en Microsoft Windows 2000 SP4, Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, y SP2, Windows Server 2008 Gold, SP2, y R2, y Windows 7, no utiliza una fuente con suficiente entrop\u00eda, lo que permite a atacantes remotos conseguir el acceso a ficheros y a otros recursos SMB a trav\u00e9s de un gran n\u00famero de peticiones de autenticaci\u00f3n, relativo a desaf\u00edos generador por el servidor, ciertos valores duplicados, y espiado de elementos de autenticaci\u00f3n, tambi\u00e9n conocido como \"SMB NTLM Authentication Lack of Entropy Vulnerability.\"" } ], "id": "CVE-2010-0231", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-02-10T18:30:01.393", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7751" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7751" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" }, { "lang": "en", "value": "CWE-310" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-12-10 14:00
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which would not be properly handled by a third-party application that uses this API for a copy operation, aka "GDI Heap Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:x64:*:*:*:*:*:*", "matchCriteriaId": "39956C56-FB39-485B-9BD6-B92807681676", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*", "matchCriteriaId": "1D12423F-FCCD-4F4C-9037-7607C1F1F99E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*", "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which would not be properly handled by a third-party application that uses this API for a copy operation, aka \"GDI Heap Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en una API en GDI en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008, permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio o ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero WMF con un par\u00e1metro de tama\u00f1o de fichero mal formado, que no puede ser manejado adecuadamente por aplicaciones de terceros que emplean este API para las operaciones de copia, tambi\u00e9n conocido como \"GDI Heap Overflow Vulnerability.\"" } ], "id": "CVE-2008-3465", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2008-12-10T14:00:00.767", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021365" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-344A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/3383" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-071" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021365" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-344A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/3383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-071" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6062" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-04-13 20:26
Modified
2025-04-11 00:51
Severity ?
Summary
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other \"Vulnerability Type 2\" CVEs listed in MS11-034, aka \"Win32k Null Pointer De-reference Vulnerability.\"" }, { "lang": "es", "value": "win32k.sys en los drivers de kernel-mode en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, Service Pack 2, R2 y R2 SP1, y Windows 7 Gold y SP1 permite a usuarios locales para obtener privilegios a trav\u00e9s de una aplicaci\u00f3n dise\u00f1ada que dispara una resoluci\u00f3n de puntero Nulo, una vulnerabilidad diferente a otros \"vulnerabilidad de tipo 2 \" CVE enumerados en MS11 - 034, tambi\u00e9n conocido como \" Win32k vulnerabilidad de resoluci\u00f3n de puntero Nulo\"" } ], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\u0027CWE-476: NULL Pointer Dereference\u0027", "id": "CVE-2011-0676", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2011-04-13T20:26:24.953", "references": [ { "source": "secure@microsoft.com", "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/44156" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100133352" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/47220" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025345" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2011/0952" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66405" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12416" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12474" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/44156" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100133352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/47220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025345" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0952" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66405" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12474" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2009-03-10 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows Kernel Handle Validation Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*", "matchCriteriaId": "1D12423F-FCCD-4F4C-9037-7607C1F1F99E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified \"actions,\" aka \"Windows Kernel Handle Validation Vulnerability.\"" }, { "lang": "es", "value": "El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 no maneja adecuadamente la validaci\u00f3n, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada que inicia acciones inespec\u00edficas, tambi\u00e9n conocida como \"Vulnerabilidad del Kernel de Windows en el manejo de validaciones\"." } ], "id": "CVE-2009-0082", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2009-03-10T20:30:01.483", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/52523" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/34117" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-079.htm" }, { "source": "secure@microsoft.com", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=842987\u0026poid=" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/34027" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021827" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-069A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/0659" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-006" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6036" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/52523" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34117" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-079.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=842987\u0026poid=" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34027" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-069A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/0659" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6036" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-07-21 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACFDCD2B-162B-449B-B380-9A5A2CB2BFF5", "versionEndIncluding": "5.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*", "matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*", "matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*", "matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*", "matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B2451165-7831-426E-BA07-B3A57F3589C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BD80CA73-5612-4799-9084-09BAA7938F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1C670E9A-9EDE-45D6-A92D-8764FCF74D7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "17A3218C-F9D1-486C-A101-86B76BD70CCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "E9D96EC5-8FFC-4C8D-9C3E-EFEE79D4D52C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "239FAB02-7526-4680-8E99-653C63B69788", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8961F444-48C4-4B54-829B-A1A2D0F2716C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "A557D31B-4614-41E0-85EA-804C2DDF4919", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FE65977-B643-4E5F-9D8D-5C8717F96754", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "38823717-65A1-4587-8F05-32EA9A01084C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1." }, { "lang": "es", "value": "WebKit, en Safari de Apple antes de v5.0.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un sitio web hecho a mano, una vulnerabilidad diferente a los CVE enumerados en WebKit que figuran en APPLE-SA -2011-07-20-1." } ], "id": "CVE-2011-1453", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-07-21T23:55:02.597", "references": [ { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4981" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4999" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4999" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-06-12 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*", "matchCriteriaId": "A2C3594F-7C2C-4E2D-9BC5-F4F89B7BF4D5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*", "matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka \"Scrolling Events Information Disclosure Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 6 hasta 9 no bloquea eventos de desplazamiento de dominios cruzados, los cuales permiten a atacantes remotos leer contenido desde (1) un dominio o (2) zona a trav\u00e9s de un sitio web manipulado, conocido tambi\u00e9n como \"vulnerabilidad de publicaci\u00f3n de informaci\u00f3n de eventos de desplazamiento\"" } ], "id": "CVE-2012-1882", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-06-12T22:55:02.157", "references": [ { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15367" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-10-13 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 6 hasta 8 no maneja adecuadamente objetos en memoria en ciertas circunstancias involucrando el uso de Microsoft Word para leer documentos Word, permite a atacantes remotos ejecutar c\u00f3dido de su elecci\u00f3n accediendo a un objeto que (1) no fue correctamente inicializado o (2) es borrado, provocando una corrupci\u00f3n de memoria, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de memoria no inicializada\"." } ], "id": "CVE-2010-3331", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-10-13T19:00:46.430", "references": [ { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100113324" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6832" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100113324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6832" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-02-20 15:15
Modified
2024-11-21 01:44
Severity ?
Summary
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.openwall.com/lists/oss-security/2012/10/10/12 | Mailing List, Third Party Advisory | |
cve@mitre.org | https://www.securityfocus.com/bid/56170/info | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/10/12 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/56170/info | Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_7 | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_vista | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3527F41-A6ED-437D-9833-458A2C60C2A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669." }, { "lang": "es", "value": "La implementaci\u00f3n de IPv6 en Microsoft Windows 7 y anteriores, permite a atacantes remotos causar una denegaci\u00f3n de servicio por medio de una avalancha de mensajes ICMPv6 Neighbor Solicitation, una vulnerabilidad diferente a CVE-2010-4669." } ], "id": "CVE-2012-5362", "lastModified": "2024-11-21T01:44:35.717", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-02-20T15:15:11.227", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2012/10/10/12" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.securityfocus.com/bid/56170/info" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2012/10/10/12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.securityfocus.com/bid/56170/info" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-400" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-12-12 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_7 | - | |
microsoft | windows_7 | gold | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:gold:*:*:*:*:*:*:*", "matchCriteriaId": "356130EB-AE2A-41CB-BF02-94FAA8A53067", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka \"TrueType Font Parsing Vulnerability.\"" }, { "lang": "es", "value": "Los controladores kernel-mode en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, Windows 8, Windows Server 2012, y Windows RT permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una un archivo TrueType Font (TTF) modificado, tambi\u00e9n conocido como \"TrueType Font Parsing Vulnerability\"." } ], "id": "CVE-2012-4786", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-12-12T00:55:01.343", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-346A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-078" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15845" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-346A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-078" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15845" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-11 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660." }, { "lang": "es", "value": "WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, env\u00eda una URL https en la cabecera Referer de una solicitud http en determinadas circunstancias conteniendo https a redirecciones http, lo cual permite a servidores HTTP remotos obtener informaci\u00f3n potencialmente sensible a trav\u00e9s de un acceso HTTP est\u00e1ndar, un proplema relacionado con CVE-2010-0660." } ], "id": "CVE-2010-1406", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-06-11T18:00:37.457", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://securitytracker.com/id?1024067" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4225" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7197" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1024067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7197" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-09-11 01:13
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apple | quicktime | * | |
apple | quicktime | 7.0 | |
apple | quicktime | 7.0.1 | |
apple | quicktime | 7.0.2 | |
apple | quicktime | 7.0.3 | |
apple | quicktime | 7.0.4 | |
apple | quicktime | 7.1 | |
apple | quicktime | 7.1.1 | |
apple | quicktime | 7.1.2 | |
apple | quicktime | 7.1.3 | |
apple | quicktime | 7.1.4 | |
apple | quicktime | 7.1.5 | |
apple | quicktime | 7.1.6 | |
apple | quicktime | 7.2 | |
apple | quicktime | 7.3 | |
apple | quicktime | 7.3.1 | |
apple | quicktime | 7.3.1.70 | |
apple | quicktime | 7.4 | |
apple | quicktime | 7.4.1 | |
apple | quicktime | 7.4.5 | |
intel | indeo | 3.2 | |
microsoft | windows-nt | xp | |
microsoft | windows_vista | - | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "matchCriteriaId": "70DDAE09-0183-4BF4-8053-D80E6AE9F1C2", "versionEndIncluding": "7.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "98C9B657-5484-4458-861E-D6FB5019265A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "1EF20D38-BFA3-4403-AB24-7B74EFD68229", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2CE2A89-B2FC-413D-A059-526E6DE301BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.1.70:*:*:*:*:*:*:*", "matchCriteriaId": "7F9F7DCE-EE65-4CD5-AA21-208B2AAF09EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "31662D02-7FA9-4FAD-BE49-194B7295CEE1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8461AF0A-D4D3-4010-A881-EDBB95003083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "5C8E5C77-573F-4EA3-A59C-4A7B11946E93", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:indeo:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "4591CA5A-8441-45BE-8A60-05F6EB9AC25D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en QuickTimeInternetExtras.qtx en un codec de Indeo v3.2 (tambi\u00e9n conocido como IV32) de terceros que no se ha especificado y que es para QuickTime, cuando se utiliza con Apple QuickTime anterior a 7.5.5 en Windows; permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un fichero de pel\u00edcula manipulado." } ], "id": "CVE-2008-3635", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-09-11T01:13:09.993", "references": [ { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31821" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1020841" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3027" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/496201/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/31086" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2527" }, { "source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-057/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1020841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3027" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/496201/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/31086" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2527" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-057/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-15 08:00
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisements, aka "Page Transition Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*", "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:32_bit:*:*:*:*:*", "matchCriteriaId": "C4BFF042-5C0B-482A-915B-3B9A267D2D96", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*", "matchCriteriaId": "1D12423F-FCCD-4F4C-9037-7607C1F1F99E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisements, aka \"Page Transition Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v6 SP1, v6 y v7 en Windows XP SP2 y SP3, v6 y v7 en Windows Server 2003 SP1 y SP2, v7 en Windows Vista Gold y SP1, y v7 en Windows Server 2008 no maneja adecuadamente errores de transici\u00f3n en una petici\u00f3n a un documento HTTP seguido de una petici\u00f3n a un segundo documento HTTP, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados (1) m\u00faltiples p\u00e1ginas manipuladas en un sitio Web (2) una p\u00e1gina Web con l\u00edneas de contenido manipulado como publicidad en forma de banner, tambi\u00e9n conocido como \"Vulnerabilidad de Corrupci\u00f3n de Memoria en transici\u00f3n de p\u00e1gina\"." } ], "id": "CVE-2009-0551", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2009-04-15T08:00:00.627", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/53624" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/34678" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm" }, { "source": "secure@microsoft.com", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=871138" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022042" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/1028" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6164" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/53624" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34678" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=871138" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6164" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-08-10 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el servicio Plug and Play (PnP) de Microsoft Windows 2000 y Windows XP Service Pack 1 ; permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un paquete manipulado. Tambi\u00e9n los usuarios locales pueden aumentar sus privilegios a trav\u00e9s de aplicaciones maliciosas, como se ha explotado con el gusano Zotob (tambi\u00e9n llamado Mytob)." } ], "id": "CVE-2005-1983", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-08-10T04:00:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/16372" }, { "source": "secure@microsoft.com", "url": "http://securitytracker.com/id?1014640" }, { "source": "secure@microsoft.com", "url": "http://www.ciac.org/ciac/bulletins/p-266.shtml" }, { "source": "secure@microsoft.com", "url": "http://www.frsirt.com/english/alerts/20050814.ZotobA.php" }, { "source": "secure@microsoft.com", "url": "http://www.hsc.fr/ressources/presentations/null_sessions/" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/998653" }, { "source": "secure@microsoft.com", "url": "http://www.osvdb.org/18605" }, { "source": "secure@microsoft.com", "url": "http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/14513" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-221A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2005/1354" }, { "source": "secure@microsoft.com", "url": "http://xforce.iss.net/xforce/alerts/id/202" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-039" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21602" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100073" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A160" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A267" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A474" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A497" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A783" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/16372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014640" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/p-266.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.frsirt.com/english/alerts/20050814.ZotobA.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.hsc.fr/ressources/presentations/null_sessions/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/998653" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/18605" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14513" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-221A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/1354" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://xforce.iss.net/xforce/alerts/id/202" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21602" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A267" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A474" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A497" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A783" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-15 08:00
Modified
2025-04-09 00:30
Severity ?
Summary
The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*", "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka \"Windows RPCSS Service Isolation Vulnerability.\"" }, { "lang": "es", "value": "El servicio RPCSS en Microsoft Windows XP SP2 y SP3 y Server 2003 SP1 y SP2 no implementa adecuadamente el aislamiento entre los distintos procesos que (1) todo se ejecuta bajo la cuenta NetworkService o (2) todo se ejecuta bajo la cuenta LocalService, lo que permite a usuarios locales obtener privilegios para acceder a los recursos de uno de los procesos, tambi\u00e9n conocido como \"Vulnerabilidad de aislamiento de servicios RPCSS Windows\"." } ], "id": "CVE-2009-0079", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-15T08:00:00.377", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/53667" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022044" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/1026" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/53667" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6147" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*", "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*", "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*", "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*", "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*", "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*", "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*", "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*", "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*", "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*", "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*", "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*", "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*", "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*", "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*", "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*", "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*", "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*", "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*", "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*", "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*", "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka \"GDI+ TIFF Buffer Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack for Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web v2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de imagen TIFF manipulado, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de b\u00fafer GDI+ TIFF\"." } ], "id": "CVE-2009-2502", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2009-10-14T10:30:01.390", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5898" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2009-01-14 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:professional_x64:*:*:*:*:*", "matchCriteriaId": "E0BBA081-24D5-4990-882F-69CB05CC28CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified \"fields inside the SMB packets\" in an NT Trans request, aka \"SMB Buffer Overflow Remote Code Execution Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer de SMB en el servicio Server en Microsoft Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP1 y SP2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de valores mal formados \"dentro de los campos de los paquetes SMB\" sin especificar en una petici\u00f3n NT Trans, tambi\u00e9n conocido como \"Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto con desbordamiento de b\u00fafer SMB\"." } ], "id": "CVE-2008-4834", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-01-14T22:30:00.717", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/500012/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/33121" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021560" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-013A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/0116" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-001/" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/500012/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/33121" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021560" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-013A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/0116" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-001/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5863" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-11 18:47
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a crafted media file or (2) crafted streaming content, aka "MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2003_server | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a crafted media file or (2) crafted streaming content, aka \"MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability.\"" }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en el MPEG Layer-3 Audio Codec para Microsoft DirectShow en l3codecx.ax, en Microsoft Windows XP SP2 y SP3 y Server 2003 SP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1) un flujo de audio en MPEG Layer-3 o de un contenido para difusi\u00f3n manipulado, conocido tamb\u00eden por \"MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability.\"" } ], "id": "CVE-2010-1882", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-11T18:47:49.920", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-052" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11585" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11585" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-07-13 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "matchCriteriaId": "CC916D5A-0644-4423-A52E-D4310906BE78", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka \"Win32k Use After Free Vulnerability.\"" }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en win32k.sys en los controladores de modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, Service Pack 2, R2 y R2 SP1, y Windows 7 Gold SP1, permite a atacantes locales producir una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario mediante una aplicacion manipulada que aprovecha la gesti\u00f3n incorrecta objeto controladro, una vulnerabilidad diferente a los CVE enumerados en MS11-054, tambi\u00e9n conocido como \" Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en win32k.sys \".\r\n" } ], "id": "CVE-2011-1879", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-07-13T23:55:01.160", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/73781" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/45186" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100144947" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/48593" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025761" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-193A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-054" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11946" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/73781" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/45186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100144947" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/48593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025761" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA11-193A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11946" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*", "matchCriteriaId": "9692F8E9-E8E9-43A8-87D5-F2409333F8CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "DA3D2175-7DF7-4D57-8B26-5BA68EF7A935", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A04FEA6-37B0-44B0-844F-55652ABA1F85", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "4D56FB8E-2553-47C1-82A2-9E59023780CE", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "8541EEED-94F4-42F8-9719-57F3EC85D52B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "40372520-08CF-4F64-A7AC-7E0AE0964138", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "2EB39B99-91A0-4B70-B12A-BA37F6AFBA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "88301496-BED2-45EB-BF19-5F5BF2957373", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s3400:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCB0BA4C-BA48-4DDA-917E-9EA9E04A898F", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D190CA6-7807-4361-8FB8-C015B21E66B1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:nortel:ip_softphone_2050:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A140A10-720D-4FF5-9559-184D9AC33509", "vulnerable": true }, { "criteria": "cpe:2.3:a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:*", "matchCriteriaId": "48E2627D-3244-4A66-9EF6-B790EEFD0D4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:nortel:optivity_telephony_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "162EA244-0CED-44BF-9857-13127C833FB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:nortel:symposium_web_centre_portal:*:*:*:*:*:*:*:*", "matchCriteriaId": "17F13410-3380-4CB8-9E20-92E14B85ADC4", "vulnerable": true }, { "criteria": "cpe:2.3:a:nortel:symposium_web_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "872353DB-616C-46F8-99F1-7C7B56DEF34F", "vulnerable": true }, { "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E25F5CF2-F891-41CA-A40C-13966F72FDF8", "vulnerable": true }, { "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7417958C-5321-41D6-9D1A-D16BF5511E81", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*", "matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*", "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*", "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*", "matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*", "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by \"wottapoop.html\"." } ], "id": "CVE-2004-0839", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109303291513335\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109336221826652\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://seclists.org/lists/fulldisclosure/2004/Aug/0868.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/526089" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10973" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-293A.html" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17044" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1563" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2073" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3773" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4152" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6272" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109303291513335\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109336221826652\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://seclists.org/lists/fulldisclosure/2004/Aug/0868.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/526089" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-293A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1563" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3773" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4152" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6272" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7721" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-11-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL." } ], "id": "CVE-2001-0909", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-11-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=100638955422011\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/6802" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7605" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=100638955422011\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/6802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7605" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-10-15 00:12
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "43D64F8D-975A-4A5B-BEDF-D27D65C96A29", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*", "matchCriteriaId": "72CC2D03-538A-4603-B4FF-C6930F9D7E20", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:x64:*", "matchCriteriaId": "7B311834-DF02-4F7A-B960-E4C1C7519A39", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:*:*:professional:*:x64:*", "matchCriteriaId": "05C8A2ED-9B33-49C9-BA33-2F3F70441BE7", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "43D64F8D-975A-4A5B-BEDF-D27D65C96A29", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*", "matchCriteriaId": "72CC2D03-538A-4603-B4FF-C6930F9D7E20", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:x64:*", "matchCriteriaId": "7B311834-DF02-4F7A-B960-E4C1C7519A39", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:itanium:*", "matchCriteriaId": "ED5ADA49-C463-4C85-B9BD-CFEE57417066", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:*", "matchCriteriaId": "E8000F58-DF1C-464C-A14B-783CDC00E781", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x86:*:*:*:*:*", "matchCriteriaId": "1DFCE172-A45F-4CED-AB56-D92DE2EF5B98", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:gold:*:*:*:*:*:*", "matchCriteriaId": "0F4B7FB1-355B-47BB-8EED-A398DCF4DE02", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:gold:*:*:*:*:x64:*", "matchCriteriaId": "64D983E0-7733-4D63-B680-0AABE30D074D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*", "matchCriteriaId": "7211B5C5-6B6E-4A33-88BC-1D64CD684204", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:*:*:professional:*:x64:*", "matchCriteriaId": "05C8A2ED-9B33-49C9-BA33-2F3F70441BE7", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka \"Event Handling Cross-Domain Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer v6 y v7 no determina de forma adecuada el dominio o zona de seguridad del origen de la secuencia de comandos web, lo que permite a atacantes remotos saltar la pol\u00edtica de seguridad de dominios cruzados implementada, y ejecutar c\u00f3digo arbitrario u obtener informaci\u00f3n sensible mediante un documento HTML modificado, tambi\u00e9n conocido como \"vulnerabilidad de dominios cruzados en el manejo de eventos\"." } ], "id": "CVE-2008-3473", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-10-15T00:12:15.803", "references": [ { "source": "secure@microsoft.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/31616" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1021047" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2008/2809" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058" }, { "source": "secure@microsoft.com", "tags": [ "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45562" }, { "source": "secure@microsoft.com", "tags": [ "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45565" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13255" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=122479227205998\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/31616" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1021047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2008/2809" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45562" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45565" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13255" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-07-30 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0FB273F-C654-4E6C-A1D9-2B9843AED5D1", "versionEndIncluding": "5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "46D8318A-9383-42A7-9A6A-2EB2736338B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDAE0519-97A9-48AD-9E8F-DA3B99AAFF7B", "versionEndIncluding": "4.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "46D8318A-9383-42A7-9A6A-2EB2736338B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document." }, { "lang": "es", "value": "WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, no gestiona adecuadamente la modificaci\u00f3n din\u00e1mica de un nodo de texto lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de documento HTML modificado." } ], "id": "CVE-2010-1783", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-07-30T20:30:01.973", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/42314" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43086" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4276" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4334" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4456" }, { "source": "product-security@apple.com", "url": "http://www.debian.org/security/2011/dsa-2188" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/42020" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0216" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11820" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43086" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4276" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/42020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0216" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11820" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-11-08 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_7 | - | |
microsoft | windows_7 | - | |
microsoft | windows_7 | - | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | * | |
microsoft | windows_server_2008 | r2 | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka \"LDAPS Authentication Bypass Vulnerability.\"" }, { "lang": "es", "value": "La implementaci\u00f3n de LDAP sobre SSL (tambi\u00e9n conocido como LDAPS) en Active Directory, Active Directory Application Mode (ADAM), y Active Directory Lightweight Directory Service (AD LDS) en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, y Windows 7 Gold y SP1, no examina las listas de revocaci\u00f3n de certificados (CRLs), lo que permite a usuarios autenticados remotamente evitar restricciones de certificado intencionadas y acceder a recursos de Active Directory aprovechando una revocaci\u00f3n de certificados X.509 para una cuenta de dominio, tambi\u00e9n conocido como \"LDAPS Authentication Bypass Vulnerability.\"" } ], "id": "CVE-2011-2014", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-11-08T21:55:01.253", "references": [ { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1026294" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-086" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13278" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026294" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-086" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13278" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-05-08 23:19
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0947.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * | |
microsoft | internet_explorer | 7.0 | |
microsoft | windows_2003_server | sp1 | |
microsoft | internet_explorer | 7.0 | |
microsoft | windows_2003_server | sp2 | |
microsoft | internet_explorer | 7.0 | |
microsoft | windows_vista | * | |
microsoft | internet_explorer | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*", "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two \"HTML Objects Memory Corruption Vulnerabilities\" and a different issue than CVE-2007-0947." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Microsoft Internet Explorer 7 de Windows XP SP2, Windows Server 2003 SP1 \u00f3 SP2, \u00f3 Windows Vista permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante objetos HMTL manipulados, lo que conduce a corrupci\u00f3n de memoria, tambi\u00e9n conocido como el primero de dos \"Vulnerabilidades de Corrupci\u00f3n de Memoria de Objetos HTML\", vulnerabilidad distinta a CVE-2007-0947." } ], "id": "CVE-2007-0946", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-05-08T23:19:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/23769" }, { "source": "secure@microsoft.com", "url": "http://www.osvdb.org/34402" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/23770" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1018019" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2007/1712" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33255" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1441" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23769" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/34402" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23770" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33255" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1441" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-08-15 01:55
Modified
2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Heap Overflow Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka \"Remote Administration Protocol Heap Overflow Vulnerability.\"" }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer basado en memoria din\u00e1mica en Remote Administration Protocol (RAP) en el servicio LanmanWorkstation en Microsoft Windows XP SP2 y SP3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de paquetes de respuesta RAP manipulados, tambi\u00e9n conocido como \"Remote Administration Protocol Heap Overflow Vulnerability.\"" } ], "id": "CVE-2012-1852", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-08-15T01:55:01.397", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-227A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-054" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-227A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15079" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-01-09 18:09
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "73052210-0B42-46AA-9F28-AAE3E9B6DE87", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C9B9BE3-6F83-469E-834F-3E00CFECD8E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4170FCB7-274C-4318-B7A1-8F18DE604A2D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*", "matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:-:x64:*:*:*:*:*", "matchCriteriaId": "17734480-66E4-488E-87A6-852CA3E4E014", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C9B9BE3-6F83-469E-834F-3E00CFECD8E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4170FCB7-274C-4318-B7A1-8F18DE604A2D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:xml_core_services:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9B91A0AA-44C0-4ED8-A7AC-54C9C83FFEFE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:expression_web:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "CE0C80DA-FA6F-42A5-8A81-E1DBF8A6117E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*", "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:groove_server:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "8D61B21F-E1A1-421A-BA3E-5D0D294A4325", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:groove_server:2007:sp3:*:*:*:*:*:*", "matchCriteriaId": "11874823-F6B3-4948-9A7B-FA903EF31005", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*", "matchCriteriaId": "FEECD12A-5BEF-4675-B62E-86CF4A7474D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "AED6C159-CD2C-436B-99BC-00E79A685D44", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "9C24FB09-DBAD-4F62-BBD6-B81B9EC83D56", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "matchCriteriaId": "6B7AEA5E-C3D7-4E6D-96F0-5F9A175631C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "D79B6572-E7DF-4CC2-B70B-9B31BE1B6A81", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka \"MSXML XSLT Vulnerability.\"" }, { "lang": "es", "value": "Microsoft XML Core Services (tambi\u00e9n conocido como MSXML) v4.0, v5.0 y v6.0 no analiza correctamente el contenido XML, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una p\u00e1gina web dise\u00f1ada, tambi\u00e9n conocido como \"Vulnerabilidad de MSXML XSLT.\"" } ], "id": "CVE-2013-0007", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-01-09T18:09:40.227", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-008A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-002" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15458" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-008A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15458" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-15 08:00
Modified
2025-04-09 00:30
Severity ?
Summary
The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | office_converter_pack | 2003 | |
microsoft | office_word | 2000 | |
microsoft | office_word | 2002 | |
microsoft | windows_2000 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_server_2003 | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:office_converter_pack:2003:*:*:*:*:*:*:*", "matchCriteriaId": "C6150F14-FF1A-4A2B-8114-B539520E585F", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_word:2000:sp3:*:*:*:*:*:*", "matchCriteriaId": "C1B2B207-751F-4596-B805-B4622E312B93", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_word:2002:sp3:*:*:*:*:*:*", "matchCriteriaId": "0E99B12F-0DB7-4D0F-AD54-DD906CC8E3BD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*", "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka \"Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability.\"" }, { "lang": "es", "value": "El conversor WordPerfect 6.x en Microsoft Office Word 2000 SP3 y Microsoft Office Converter Pack no valida adecuadamente la longitud de una cadena no especificada, lo cual permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero WordPerfect 6.x manipulado, tambi\u00e9n conocido como \"Vulnerabilidad de corrupci\u00f3n de pila en el conversor Word 2000 WordPerfect 6.x\"." } ], "id": "CVE-2009-0088", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-15T08:00:00.483", "references": [ { "source": "secure@microsoft.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782" }, { "source": "secure@microsoft.com", "url": "http://osvdb.org/53663" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022043" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2009/1024" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-010" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5736" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/53663" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1024" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5736" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-06-16 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*", "matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*", "matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka \"Layout Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 8 y 9 no maneja adecuadamente los objetos en memoria, lo qeu permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n accediendo a un objeto que (1) no haya sido iniciado adecuadamente o (2) sea eleiminado. Tambi\u00e9n se conoce como \"Vulnerabilidad de Dise\u00f1o de Corrupci\u00f3n de Memoria\"" } ], "id": "CVE-2011-1260", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-06-16T20:55:01.853", "references": [ { "source": "secure@microsoft.com", "url": "http://securityreason.com/securityalert/8275" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8275" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12308" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-07-31 13:20
Modified
2025-04-11 00:51
Severity ?
Summary
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
novell | client | 4.91 | |
microsoft | windows_2003_server | * | |
microsoft | windows_xp | * | |
novell | client | 2.0 | |
microsoft | windows_server_2008 | - | |
microsoft | windows_vista | * | |
novell | client | 2.0 | |
microsoft | windows_7 | * | |
microsoft | windows_8 | - | |
microsoft | windows_8 | - | |
microsoft | windows_server_2008 | r2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:novell:client:4.91:sp5:*:*:*:*:*:*", "matchCriteriaId": "C5B2E11D-D93E-493C-A00D-DDE313E95C23", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:novell:client:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "50C0D7F1-AE0C-46CD-81A2-EABF54CAE8DE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:novell:client:2.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "E02BF436-28CC-4EC1-904E-403A39CE9174", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*", "matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*", "matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call." }, { "lang": "es", "value": "El controlador del kernel NICM.SYS 3.1.11.0 en Novell Client 4.91 SP5 sobre Windows XP and Windows Server 2003; Novell Client 2 SP2 sobre Windows Vista y Windows Server 2008; y Novell Client 2 SP3 sobre Windows Server 2008 R2, Windows 7, Windows 8, y Windows Server 2012, permite a usuarios locales obtener privilegio a trav\u00e9s de una llamada 0x143B6B IOCTL manipulada." } ], "id": "CVE-2013-3956", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-07-31T13:20:28.763", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://pastebin.com/GB4iiEwR" }, { "source": "cve@mitre.org", "url": "http://www.exploit-db.com/exploits/26452" }, { "source": "cve@mitre.org", "url": "http://www.exploit-db.com/exploits/27191" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.novell.com/support/kb/doc.php?id=7012497" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://pastebin.com/GB4iiEwR" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.exploit-db.com/exploits/26452" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.exploit-db.com/exploits/27191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.novell.com/support/kb/doc.php?id=7012497" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-08-12 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "058039EE-3B8F-4ED2-933E-4AFD53866002", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*", "matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "2C9B0563-D613-497D-8F2E-515E6DA00CA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka \"Remote Desktop Connection Heap Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en la conexi\u00f3n remota de escritorio de Microsoft (anteriormente Terminal Services Client) cuando corre RDP desde v5.0 hasta v6.1 en Windows, y Cliente de escritorio remoto para Mac 2.0, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de par\u00e1metros sin especificar, tambi\u00e9n conocido como \"Vulnerabilidad de memoria din\u00e1mica en la conexi\u00f3n de escritorio remoto\"" } ], "id": "CVE-2009-1133", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-08-12T17:30:00.420", "references": [ { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36229" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1022709" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2238" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-044" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5693" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022709" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5693" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-02-18 11:56
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
symantec | pgp_desktop | 10.0.0 | |
symantec | pgp_desktop | 10.0.1 | |
symantec | pgp_desktop | 10.0.2 | |
symantec | pgp_desktop | 10.0.3 | |
symantec | pgp_desktop | 10.1.0 | |
symantec | pgp_desktop | 10.1.1 | |
symantec | pgp_desktop | 10.1.2 | |
symantec | pgp_desktop | 10.2.0 | |
symantec | pgp_desktop | 10.2.1 | |
microsoft | windows_2003_server | * | |
microsoft | windows_xp | * | |
symantec | encryption_desktop | 10.3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.0.0:-:*:*:*:windows:*:*", "matchCriteriaId": "8ECF6686-DE99-4E36-8755-F9428167F709", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.0.1:-:*:*:*:windows:*:*", "matchCriteriaId": "CCD53E72-7D94-437F-AE83-C077FAD671A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.0.2:-:*:*:*:windows:*:*", "matchCriteriaId": "A0604C91-EC64-490B-9C94-00C1757DADE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.0.3:-:*:*:*:windows:*:*", "matchCriteriaId": "1D633009-6006-4C62-8E23-F1380C66FA17", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.1.0:-:*:*:*:windows:*:*", "matchCriteriaId": "1F8F75CC-8725-44F1-9833-1279AE2FF49D", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.1.1:-:*:*:*:windows:*:*", "matchCriteriaId": "6FA86438-9097-463D-8EA5-6E49A46215F7", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.1.2:-:*:*:*:windows:*:*", "matchCriteriaId": "DBC102F4-B58F-43A7-BE48-849FA764ED32", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.2.0:-:*:*:*:windows:*:*", "matchCriteriaId": "C13CC0B6-F19B-4CBB-ACE8-4105D672C8AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:pgp_desktop:10.2.1:-:*:*:*:windows:*:*", "matchCriteriaId": "AA77179C-D1D1-4FCF-B1BF-2EA481966972", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:symantec:encryption_desktop:10.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "838DEBE6-2A04-4737-8282-5E7803B483A7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application." }, { "lang": "es", "value": "Desbordamiento de buffer en pgpwded.sys del Symantec PGP Desktop v10.x and Encryption Desktop v10.3.0 antes de MP1 en Windows XP y Server 2003 que permite a usuarios locales escalar privilegios por medio de aplicaciones creadas para este prop\u00f3sito." } ], "id": "CVE-2012-6533", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-02-18T11:56:38.807", "references": [ { "source": "secure@symantec.com", "url": "http://www.securityfocus.com/bid/57835" }, { "source": "secure@symantec.com", "tags": [ "Vendor Advisory" ], "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2013\u0026suid=20130213_00" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/57835" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2013\u0026suid=20130213_00" } ], "sourceIdentifier": "secure@symantec.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-02-13 12:04
Modified
2025-04-11 00:51
Severity ?
Summary
Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka \"OLE Automation Remote Code Execution Vulnerability.\"" }, { "lang": "es", "value": "Vinculaci\u00f3n e incrustaci\u00f3n de objetos (OLE) de Microsoft Windows XP SP3 no asignan correctamente la memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un elaborado documento RTF, alias \"La automatizaci\u00f3n OLE vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo.\"" } ], "id": "CVE-2013-1313", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-02-13T12:04:14.087", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-020" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16385" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-07-21 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACFDCD2B-162B-449B-B380-9A5A2CB2BFF5", "versionEndIncluding": "5.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*", "matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*", "matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*", "matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*", "matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B2451165-7831-426E-BA07-B3A57F3589C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BD80CA73-5612-4799-9084-09BAA7938F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1C670E9A-9EDE-45D6-A92D-8764FCF74D7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "17A3218C-F9D1-486C-A101-86B76BD70CCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "E9D96EC5-8FFC-4C8D-9C3E-EFEE79D4D52C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "239FAB02-7526-4680-8E99-653C63B69788", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8961F444-48C4-4B54-829B-A1A2D0F2716C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "A557D31B-4614-41E0-85EA-804C2DDF4919", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FE65977-B643-4E5F-9D8D-5C8717F96754", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "38823717-65A1-4587-8F05-32EA9A01084C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1." }, { "lang": "es", "value": "WebKit, empleado en Safari anterior a v5.0.6, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria o ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado. Vulnerabilidad distinta de APPLE-SA-2011-07-20-1." } ], "id": "CVE-2011-0232", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-07-21T23:55:02.097", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4981" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4999" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4999" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*", "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "F97EB992-2DC1-4E31-A298-072D8313130B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*", "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*", "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*", "matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:*", "matchCriteriaId": "93B86335-EF14-4E4F-B192-2A5323A47D31", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:*", "matchCriteriaId": "AA80EDC4-4E84-40BE-86D5-1825AFA85390", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:*", "matchCriteriaId": "0F3BF09C-04D2-4367-BE58-72AD396B4110", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*", "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*", "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*", "matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*", "matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "08AF794A-435D-4171-9DBB-EB7FAED96DBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*", "matchCriteriaId": "34FA62BE-D804-402D-9BDD-68BC70ECCD76", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_groove:2007:*:*:*:*:*:*:*", "matchCriteriaId": "828A3CB6-EB0A-4CCD-B786-7316564EE40A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_groove:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "F646992A-D3B7-4474-8E0B-65B99086D844", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "70B39422-2E91-4F2C-8338-8A9292956260", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "7F9C3119-B118-41E2-9622-FD40C6CC4B6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "B55849C3-649E-487B-B702-E2F4B25ECAB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*", "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*", "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*", "matchCriteriaId": "1889A686-9565-4958-99BB-2EC24ABDF272", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "5D7B01AE-F457-45C1-8A37-7ED65CAF8638", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:works:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "83EE0CCD-69AD-4705-9BB0-24688F7957F1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:platform_sdk:*:*:redistrutable_gdi\\+:*:*:*:*:*", "matchCriteriaId": "5E9AC6E2-D6C2-48E1-87C5-86470AC622DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "86B3074F-1673-4439-8582-F2786D0ED54D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:*", "matchCriteriaId": "28A57C4D-A305-4FF4-B9AC-853CAF7E30AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:*", "matchCriteriaId": "16FD5898-64D7-4F4F-A4C5-5E7BDF340E28", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:*:*:*:*:*:*:*", "matchCriteriaId": "ED077FFC-EBCC-4CD9-BF0E-0286B99C1965", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:*", "matchCriteriaId": "9AB2C8C4-7E86-4736-9CE4-2E65E4EDBF02", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*", "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*", "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "E5DE8B76-FA09-4EA2-9535-758C56C4C099", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "5E711CC3-9094-4C54-A794-9C7A3E7F4AFA", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka \"GDI+ WMF Integer Overflow Vulnerability.\"" }, { "lang": "es", "value": "Desbordamiento de entero en GDI+ en Microsoft Internet Explorer v6 SP1, Windows XP SP2 y SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, y SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web 2, Groove 2007 Gold y SP1, Works v8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold y SP1, y Forefront Client Security v1.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de imagen WMF, tambi\u00e9n conocido como \"Vulnerabilidad de desbordamiento de entero GDI+ WMF\"" } ], "id": "CVE-2009-2500", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-10-14T10:30:01.327", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5967" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-05-06 12:47
Modified
2025-04-11 00:51
Severity ?
Summary
The SfnINSTRING function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x18d value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:-:*:*:*:*:*:*", "matchCriteriaId": "37BC01F4-DC65-47D9-A893-EBF76116A434", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:beta3:*:*:*:*:*:*", "matchCriteriaId": "FE5BA84E-5CC1-41BC-B1CE-ED35AFA42EA8", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:gold:*:*:*:*:*:*", "matchCriteriaId": "7FA4B3F6-3677-49D7-838C-132C9FB16EC4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:rc1:*:*:*:*:*:*", "matchCriteriaId": "2D7C895B-C48D-44E9-B598-E105EA1E32E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:rc2:*:*:*:*:*:*", "matchCriteriaId": "3DE92EA6-F598-446C-BDC5-726D807FF2E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "685F1981-EA61-4A00-89F8-A748A88962F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:*:*:*:*:*:*", "matchCriteriaId": "6F3C557A-71D8-47F9-9E12-CE938F301E66", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:itanium:*:*:*:*:*", "matchCriteriaId": "81C8959A-915B-472F-B043-A57BA11FDB93", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:x64:*:*:*:*:*", "matchCriteriaId": "B92137A3-71F9-466B-87CA-F3E9EF53AE4B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "0A8D49FA-C8F8-4B59-BBCB-924CC105B371", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:-:*:*:*:*:*:*", "matchCriteriaId": "D826455B-E635-4FB2-9428-81028E10D98F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x86:*:*:*:*:*", "matchCriteriaId": "C0BCF740-17F9-4E44-AA24-B25CDABFA5E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:embedded:*:*:*:*:*", "matchCriteriaId": "6F874274-760A-4544-BA19-0DB4F051FBB4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:media_center:*:*:*:*:*", "matchCriteriaId": "F3D392C5-7158-459B-B8F4-DB8A89442587", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:tablet_pc:*:*:*:*:*", "matchCriteriaId": "8A6EDD65-D857-49A4-89FF-8DDF0D016613", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "A74985B6-BCA5-49E3-878B-77D7FA43070C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*", "matchCriteriaId": "ADEBB882-1C55-4B7B-B4CF-F1B23502FD90", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:professional:*:*:*:*:*", "matchCriteriaId": "279F8E64-F499-4189-997D-8DA748516A85", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:embedded:*:*:*:*:*", "matchCriteriaId": "B6031BA1-2F87-4556-A205-1E1B7661DFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*", "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional:*:*:*:*:*", "matchCriteriaId": "C29F02ED-85FC-4D22-A6DE-5F9C77ECCD70", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "5B057984-EB55-42E8-B34D-E644E9D5DB04", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:x86:*:*:*:*:*", "matchCriteriaId": "7C6F35C9-526E-4E10-96F7-921F0509EE43", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:64-bit-2002:*:*:*:*:*", "matchCriteriaId": "97080724-3E69-41F8-A24F-FA47E5D813B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:64-bit-2003:*:*:*:*:*", "matchCriteriaId": "F51D11C1-0C1E-4062-96B9-80D2D409160B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:home:*:*:*:*:*", "matchCriteriaId": "4FBE976D-F5F0-4BE0-84D4-5534B460792C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:gold:x64:*:*:*:*:*", "matchCriteriaId": "135FCE5E-4296-4D8C-AF7B-84D20CD275EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp1:home:*:*:*:*:*", "matchCriteriaId": "52FFB338-1972-47ED-9659-341E5187BBB8", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:home:*:*:*:*:*", "matchCriteriaId": "A1B0FA50-529D-4D33-9B6E-F32AF0A8FD90", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:embedded:*:*:*:*:*", "matchCriteriaId": "CA7D63F4-C373-4B7E-AA56-2D62B9CAF849", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:home:*:*:*:*:*", "matchCriteriaId": "D586C749-9D00-4546-9941-CCFBD41BAABA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:media_center:*:*:*:*:*", "matchCriteriaId": "72AF15F9-4AE2-40FE-A598-1284BA3A06D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:professional:*:*:*:*:*", "matchCriteriaId": "471B4ADA-8627-48BC-B13F-FF5F38F55C9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:tablet_pc:*:*:*:*:*", "matchCriteriaId": "21BCA9B5-A8B0-4273-8C5E-665E118695DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:sp3:*:*:*:*:*:*:*", "matchCriteriaId": "E69F8C21-5996-4083-A02A-F04AE948CEA9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:sp3:unknown:english:*:*:*:*:*", "matchCriteriaId": "78995D27-1EE0-4983-A6A4-BB89B49475E0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SfnINSTRING function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x18d value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window." }, { "lang": "es", "value": "La funci\u00f3n SfnINSTRING de win32k.sys en el kernel de Microsoft Windows 2000, XP y Server 2003 permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) mediante un valor 0x18d en el segundo argumento (conocido como el argumento Msg) de una llamada a la funci\u00f3n PostMessage para la ventana DDEMLEvent." } ], "id": "CVE-2010-1734", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-05-06T12:47:23.830", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/39456" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://vigilance.fr/vulnerability/Windows-denials-of-service-of-win32k-sys-9607" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/510886/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/39631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/39456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://vigilance.fr/vulnerability/Windows-denials-of-service-of-win32k-sys-9607" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/510886/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/39631" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-03-28 23:44
Modified
2025-04-09 00:30
Severity ?
Summary
The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP request smuggling attacks via an incorrect Content-Length header, (2) access arbitrary virtual hosts via a modified Host header, (3) bypass referrer restrictions via an incorrect Referer header, and (4) bypass the same-origin policy and obtain sensitive information via a crafted request header.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*", "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP request smuggling attacks via an incorrect Content-Length header, (2) access arbitrary virtual hosts via a modified Host header, (3) bypass referrer restrictions via an incorrect Referer header, and (4) bypass the same-origin policy and obtain sensitive information via a crafted request header." }, { "lang": "es", "value": "El m\u00e9todo setRequestHeader del objeto XMLHttpRequest en Microsoft Internet Explorer versiones 5.01, 6 y 7 no bloquea los encabezados de petici\u00f3n HTTP peligrosos cuando ciertas secuencias de caracteres de 8 bits se anexan a un nombre de encabezado, lo que permite a los atacantes remotos (1) dirigir la divisi\u00f3n de peticiones HTTP y los ataques de contrabando de peticiones HTTP por medio de un encabezado de contenido largo inapropiado, (2) acceden a hosts virtuales arbitrarios por medio de un encabezado de host modificado, (3) omisi\u00f3n de las restricciones de referencia por medio de un encabezado Referer inapropiado y (4) omisi\u00f3n de la p\u00f3liza mismo origen y conseguir informaci\u00f3n confidencial por medio de un encabezado de petici\u00f3n creado." } ], "id": "CVE-2008-1544", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-03-28T23:44:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29453" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3785" }, { "source": "cve@mitre.org", "url": "http://www.mindedsecurity.com/MSA02240108.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/489954/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/28379" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020226" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0980" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1778" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-031" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29453" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3785" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mindedsecurity.com/MSA02240108.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/489954/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/28379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020226" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0980" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1778" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-031" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5291" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-05-20 14:44
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "matchCriteriaId": "D253112B-009C-45DA-8354-E9154B42F35F", "versionEndIncluding": "11.0.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C4B6A66A-AC5F-48E0-ABCE-68828207B106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "071BFB1F-402B-4D8C-8155-671792AEDB81", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B48FDD0A-6DE5-44DD-B144-32B91DB26C7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "129ABCA4-FBF6-41B8-BF6B-65467D56D297", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "11F1530E-9E63-4A39-9056-3A946A34B650", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "29E92D8D-68AB-4FC4-A37A-D6D48829B58D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "6775CF5C-2083-4622-9D9B-DF7AB4F07422", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C84CFAD-5D0F-4BBE-A603-D7A2E8BFB28F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "0A599C14-8294-40D2-BCF2-183AF3D3AD84", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E2375C00-64ED-4027-810F-BA9E561385D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "9C720899-5ED4-4B7F-B90F-043DE7D91C44", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.2.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "81A2EB90-E0C6-47B0-91BD-F77A721C163F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "A1CA3CEB-11D9-4B24-82A1-D7EE77C2E7B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FF65883-4445-4436-98C5-35D9D2E1907B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "A0CCD602-FC35-4FD5-B976-4B585C5AA254", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.4.0.80:*:*:*:*:*:*:*", "matchCriteriaId": "D82F9D18-690C-4F81-A940-C509C5AC8D30", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "00B09F07-11C7-4A0A-9367-3A12E9B21110", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "87884DFE-9254-4CF3-A002-16DB880AA0DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "78B3119A-8986-4F13-9156-F8C9D1D8BC06", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCA7E822-3EEC-4BF1-93A3-3E474BB4651A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.5.1.42:*:*:*:*:*:*:*", "matchCriteriaId": "5AC29E4A-A3C2-4D8A-B7AF-823A31EEEFF9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A6AACF2A-2CF0-4631-A979-B226D063275E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "A8020420-4C59-4536-9F73-AEC7999F766B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.6:*:*:*:*:*:*:*", "matchCriteriaId": "3822ACC2-5FEC-4F97-A5B2-8FE9D8EFC860", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6DE4341F-4022-4BD2-B1B5-EE2DDDF2A600", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "54EE7E9B-DA2A-42F4-83D9-7E59B2DE7747", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1." }, { "lang": "es", "value": "WebKit, usado en Apple iTunes anterior a 11.0.3, permite a atacantes man-in-the-middle la ejecuci\u00f3n de c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de vectores relacionados con la navegaci\u00f3n en la iTunes Store. Vulnerabilidad distinta de otros CVEs listados en APPLE-SA-2013-05-16-1." } ], "id": "CVE-2013-0995", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-05-20T14:44:34.580", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/54886" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT5766" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5785" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5934" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17561" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/54886" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT5766" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5785" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5934" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17561" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-02-13 12:04
Modified
2025-04-11 00:51
Severity ?
Summary
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*", "matchCriteriaId": "A2C3594F-7C2C-4E2D-9BC5-F4F89B7BF4D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*", "matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016." }, { "lang": "es", "value": "Condici\u00f3n de carrera en win32k.sys en los controladores en modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, y Windows 7 Gold y SP1 permite a usuarios locales elevar sus privilegios, y en consecuencia leer los contenidos de ubicaciones de memoria del kernel aleatorias a trav\u00e9s de una aplicaci\u00f3n modificada, Se trata de una vulnerabilidad diferente a otros CVEs enumerados en MS13-016." } ], "id": "CVE-2013-1270", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-02-13T12:04:13.477", "references": [ { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-016" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16349" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-04-26 20:06
Modified
2025-04-03 01:03
Severity ?
Summary
Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://ingehenriksen.blogspot.com/2006/04/office-2003-file-attachment-exploit.html | Broken Link | |
cve@mitre.org | http://www.securityfocus.com/archive/1/432009/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.vupen.com/english/advisories/2006/1538 | Broken Link | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/26118 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://ingehenriksen.blogspot.com/2006/04/office-2003-file-attachment-exploit.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/432009/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1538 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/26118 | Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | internet_explorer | 6.0 | |
microsoft | windows_xp | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via \" (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API." } ], "id": "CVE-2006-2056", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-04-26T20:06:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://ingehenriksen.blogspot.com/2006/04/office-2003-file-attachment-exploit.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/432009/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2006/1538" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26118" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://ingehenriksen.blogspot.com/2006/04/office-2003-file-attachment-exploit.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/432009/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2006/1538" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26118" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-88" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-10-12 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "matchCriteriaId": "3945FBC4-84DB-4121-982A-9B39EB860E03", "versionEndIncluding": "10.4.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C4B6A66A-AC5F-48E0-ABCE-68828207B106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "071BFB1F-402B-4D8C-8155-671792AEDB81", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B48FDD0A-6DE5-44DD-B144-32B91DB26C7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "52A433A5-3EFF-405D-8285-97EC88857968", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "129ABCA4-FBF6-41B8-BF6B-65467D56D297", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "11F1530E-9E63-4A39-9056-3A946A34B650", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "29E92D8D-68AB-4FC4-A37A-D6D48829B58D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F8961EDA-B567-4D92-8DBC-F887712F3BD2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "A60A3349-DE6E-4381-81C0-E682B791ED61", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6EF2759C-6F94-4769-8EB2-16947C05CBB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B0F53FF4-8A15-475C-9FF6-54073A3F1B08", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "80AFD7E5-A66F-4E43-BC34-EB6BF59186D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E2375C00-64ED-4027-810F-BA9E561385D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "9C720899-5ED4-4B7F-B90F-043DE7D91C44", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "A1CA3CEB-11D9-4B24-82A1-D7EE77C2E7B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FF65883-4445-4436-98C5-35D9D2E1907B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "A0CCD602-FC35-4FD5-B976-4B585C5AA254", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding." }, { "lang": "es", "value": "Desbordamiento de buffer en CoreMedia, tal como se usa en Apple iTunes en versiones anteriores a 10.5, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un fichero multimedia codificado con H.264." } ], "id": "CVE-2011-3219", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-10-12T18:55:01.847", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://osvdb.org/76374" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4981" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5002" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5016" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17228" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/76374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17228" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-06-12 02:32
Modified
2025-04-09 00:30
Severity ?
Summary
Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows-nt | 2008 | |
microsoft | windows-nt | 2008 | |
microsoft | windows-nt | xp | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_2003_server | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:x32:*:*:*:*:*", "matchCriteriaId": "7AF8B188-A5E0-4D53-9FE1-C72BD956191B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:x64:*:*:*:*:*", "matchCriteriaId": "2B89E436-C99E-4F68-AADD-E5980B346E95", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:pro:*:*:*:*:*", "matchCriteriaId": "EFE32C06-74E0-4C0D-8C12-B20282AB9F7E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*", "matchCriteriaId": "972ADDBC-5D6E-48D5-9DB7-44FE0539807D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request." }, { "lang": "es", "value": "Active Directory en Microsoft Windows 2000 Server SP4, XP Professional SP2 y SP3, Server 2003 SP1 y SP2, y Server 2008 permite a usuarios autenticados causar una denegaci\u00f3n de servicio (ca\u00edda del sistema o reinicio) a trav\u00e9s de una petici\u00f3n LDAP manipulada." } ], "id": "CVE-2008-1445", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-06-12T02:32:00.000", "references": [ { "source": "secure@microsoft.com", "tags": [ "Permissions Required", "Vendor Advisory" ], "url": "http://secunia.com/advisories/30586" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1020229" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/493338/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/493342/100/0/threaded" }, { "source": "secure@microsoft.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29584" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" }, { "source": "secure@microsoft.com", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2008/1782" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-035" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4910" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Vendor Advisory" ], "url": "http://secunia.com/advisories/30586" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1020229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/493338/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/493342/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29584" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.vupen.com/english/advisories/2008/1782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-035" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4910" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-09-11 01:11
Modified
2025-04-09 00:30
Severity ?
Summary
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | digital_image_suite | 2006 | |
microsoft | forefront_client_security | 1.0 | |
microsoft | internet_explorer | 6 | |
microsoft | office | 2003 | |
microsoft | office | 2003 | |
microsoft | office | 2007 | |
microsoft | office | 2007 | |
microsoft | office | xp | |
microsoft | powerpoint_viewer | 2003 | |
microsoft | report_viewer | 2005 | |
microsoft | report_viewer | 2008 | |
microsoft | sql_server | 2005 | |
microsoft | sql_server_reporting_services | 2000 | |
microsoft | visio | 2002 | |
microsoft | works | 8.0 | |
microsoft | windows_server_2008 | - | |
microsoft | windows_vista | * | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:digital_image_suite:2006:*:*:*:*:*:*:*", "matchCriteriaId": "24F42695-7FB7-4C43-A9A7-8A234B6E5937", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "578221F3-4C20-4A3F-A286-5A4680E8785D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:*:gold:*:*:*:*:*", "matchCriteriaId": "E438882E-1AAE-477E-B885-D4E95D2AE88A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powerpoint_viewer:2003:*:*:*:*:*:*:*", "matchCriteriaId": "11499249-45FC-4E05-9362-058D1ADA8078", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:*", "matchCriteriaId": "033138E1-82C7-443C-89C1-23D8032674CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:report_viewer:2008:*:*:*:*:*:*:*", "matchCriteriaId": "30E84216-227B-4074-B65B-6AA399D4A8DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*", "matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:*", "matchCriteriaId": "377777D4-0649-4732-9E38-E4074056C561", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*", "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "293914AF-6101-4F50-9560-A4EA99D767C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*", "matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka \"GDI+ GIF Parsing Vulnerability.\"" }, { "lang": "es", "value": "La biblioteca gdiplus.dll en GDI en Microsoft Internet Explorer versi\u00f3n 6 SP1, Windows XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, Server 2008, Office XP SP3, Office 2003 SP2 y SP3, 2007 Microsoft Office System Gold y SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works versi\u00f3n 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 y 2008, y Forefront Client Security versi\u00f3n 1.0, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo de imagen GIF malformado que contiene muchos marcadores de extensi\u00f3n para extensiones de control gr\u00e1fico y etiquetas desconocidas posteriores, tambi\u00e9n se conoce como \"GDI+ GIF Parsing Vulnerability.\"" } ], "id": "CVE-2008-3013", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-09-11T01:11:47.103", "references": [ { "source": "secure@microsoft.com", "url": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/32154" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/496154/100/0/threaded" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/31020" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1020836" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2520" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2696" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056" }, { "source": "secure@microsoft.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/32154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/496154/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/31020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2696" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-056/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5986" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-05-07 18:30
Modified
2025-04-11 00:51
Severity ?
Summary
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 uses predictable transaction IDs that are formed by incrementing a previous ID by 1, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html | Broken Link | |
cve@mitre.org | http://securitytracker.com/id?1023939 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/39908 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1023939 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/39908 | Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | - | |
microsoft | windows_2000 | - | |
microsoft | windows_2000 | - | |
microsoft | windows_2000 | - | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - | |
microsoft | windows_xp | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_server_2003 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | - | |
microsoft | windows_server_2008 | r2 | |
microsoft | exchange_server | 2003 | |
microsoft | exchange_server | 2003 | |
microsoft | exchange_server | 2003 | |
microsoft | exchange_server | 2007 | |
microsoft | exchange_server | 2007 | |
microsoft | exchange_server | 2007 | |
microsoft | exchange_server | 2010 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "A23A90DA-6E38-4479-926A-BD29F438F602", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "FF99A17F-9469-4937-A23B-FD5C8B37087B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "530FC172-94E1-481A-9810-26061D22B6AC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "2572F7E5-75A3-4C11-866B-A4E9ADBD8D08", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "43D64F8D-975A-4A5B-BEDF-D27D65C96A29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "5494A20A-5927-4249-942C-189292E5F956", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:*:*:*:*", "matchCriteriaId": "A9408620-06A8-4A3C-97C8-41A688282E3D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:exchange_server:2003:-:*:*:*:*:*:*", "matchCriteriaId": "E2337C2B-EEC2-48B3-93C0-FE1FE7D41273", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:exchange_server:2003:sp1:*:*:*:*:*:*", "matchCriteriaId": "01E472FC-3001-48A5-908D-B42467B3DBA9", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:exchange_server:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "71A2E549-5F21-4842-BEB3-380CD4029C16", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:exchange_server:2007:-:*:*:*:*:*:*", "matchCriteriaId": "1C02EC1D-5707-4F3F-BA98-6B27BA8C5D55", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:exchange_server:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "9C218952-1BB8-4915-B31F-9D23543FC83E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:exchange_server:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "467795BD-8CB6-4381-A448-D54104EE490E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:-:*:*:*:*:*:*", "matchCriteriaId": "1E3D7891-E16D-4106-8F81-DF93590AFFD2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 SP3 and earlier, Exchange Server 2007 SP2 and earlier, and Exchange Server 2010 uses predictable transaction IDs that are formed by incrementing a previous ID by 1, which makes it easier for man-in-the-middle attackers to spoof DNS responses, a different vulnerability than CVE-2010-0024 and CVE-2010-0025." }, { "lang": "es", "value": "La implementaci\u00f3n DNS en smtpsvc.dll anteriores a v6.0.2600.5949 en Microsoft Windows 2000 SP4 y anteriores, Windows XP SP3 y anteriores, Windows Server 2003 SP2 y anteriores, Windows Server 2008 SP2 y anteriores , Windows Server 2008 R2, Exchange Server 2003 SP3 y anteriores, Exchange Server 2007 SP2 y anteriores, y Exchange Server 2010 usa IDs de transacci\u00f3n predecibles que se pueden obtener de sumar 1 a la anterior, lo que provoca que sea f\u00e1cil que un atacante capture respuestas DNS mediante un ataque \"hombre-en-medio\" (man-in-the-middle), es una vulnerabilidad distinta a CVE-2010-0024 and CVE-2010-0025." } ], "id": "CVE-2010-1689", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-05-07T18:30:01.640", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1023939" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/39908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1023939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/39908" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-310" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-07-30 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to element focus.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0FB273F-C654-4E6C-A1D9-2B9843AED5D1", "versionEndIncluding": "5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "46D8318A-9383-42A7-9A6A-2EB2736338B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDAE0519-97A9-48AD-9E8F-DA3B99AAFF7B", "versionEndIncluding": "4.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "46D8318A-9383-42A7-9A6A-2EB2736338B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to element focus." }, { "lang": "es", "value": "Vulnerabilidad de usar despu\u00e9s de liberar en WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de vectores de ataque relacionados con el elemento focus." } ], "id": "CVE-2010-1780", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-07-30T20:30:01.910", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/42314" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43086" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4276" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4334" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4456" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/42020" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0216" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10964" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43086" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4276" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/42020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0216" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10964" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-07-21 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACFDCD2B-162B-449B-B380-9A5A2CB2BFF5", "versionEndIncluding": "5.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*", "matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*", "matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*", "matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*", "matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "matchCriteriaId": "7E44913D-BC8B-4AA1-84EB-EFEAC531B475", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "79DC6C51-CEEA-4CBF-87D2-8007B7C3D67F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7B6AD89-D60C-4C8F-A9E6-4380A6B8DB13", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B2451165-7831-426E-BA07-B3A57F3589C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "410E58BC-72AF-4695-8022-A08913077BC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DE630BC-7E63-40DF-BB8B-327513F5DBAF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BD80CA73-5612-4799-9084-09BAA7938F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1C670E9A-9EDE-45D6-A92D-8764FCF74D7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "17A3218C-F9D1-486C-A101-86B76BD70CCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "E9D96EC5-8FFC-4C8D-9C3E-EFEE79D4D52C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "239FAB02-7526-4680-8E99-653C63B69788", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8961F444-48C4-4B54-829B-A1A2D0F2716C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "A557D31B-4614-41E0-85EA-804C2DDF4919", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "5FE65977-B643-4E5F-9D8D-5C8717F96754", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "38823717-65A1-4587-8F05-32EA9A01084C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1." }, { "lang": "es", "value": "WebKit, como se usa en Safari de Apple anterior a v5.0.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs WebKit listados en APPLE-SA-2011-07-20-1." } ], "id": "CVE-2011-1462", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-07-21T23:55:02.677", "references": [ { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4981" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4999" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4999" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-05-24 16:43
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "matchCriteriaId": "888294F0-559E-4B0B-B409-01710C2FADCF", "versionEndIncluding": "7.7.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F71BC599-FCBE-4F1F-AA24-41AF91F82226", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "41473E1D-B988-4312-B16B-D340508DD473", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCC2EBC0-F2A6-4709-9A27-CF63BC578744", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "844E1B14-A13A-47F1-9C82-02EAEED1A911", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "80747BDD-70E9-4E74-896F-C79D014F1B2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A4C6772-CD24-46FD-AEBE-BF8BB16B5BB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "85ADED98-62C6-4961-894C-1D26E3B3EE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F522CEA4-B3BB-4C94-B070-6679EEA43439", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA1E140B-BCB4-4B3C-B287-E9E944E08DB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B630944-F838-4C02-90D4-F5EB2A073CA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9066C81B-A69F-450D-8606-5E29AF1AD286", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "71285AD2-3966-4817-B630-8335BE985D56", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2458480E-F222-452A-AB21-933F924F8F6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "30C83A78-6BB9-443E-B508-CC6F8D157A6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "61463F4F-BBE0-42AA-AC22-8F39E94EB520", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2CE0B67-0794-472D-A2C0-CC5CA0E36370", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F43E39C4-6A08-4C38-BC7D-573F40978527", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC0E0EA8-2947-44F9-BCFA-F4CFA34E9EFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B84D320E-ACA2-4B6E-B682-00202B9ADF2F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "81E0F160-4B70-45CD-B8AC-AB30ADDB8D2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "97FEBA83-C845-4334-9B9A-921BA0F44DE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2CE2A89-B2FC-413D-A059-526E6DE301BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0C835F2-4F9E-45A6-8112-C2D8CB1A39AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8461AF0A-D4D3-4010-A881-EDBB95003083", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "5C8E5C77-573F-4EA3-A59C-4A7B11946E93", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C6E08BF-737E-4512-9BB8-5B4B03A2F8B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "D22D0674-0EC7-4176-97FB-940F2F7D6AFC", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A6470EC-B72B-404C-9E69-03C3FEFD56F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA3FB6BA-D0FA-4DC3-8A4D-453C2EE51D09", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "58F5F530-033D-49D8-ABD5-F4285DA7DA40", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "3A0A9EC6-9531-4024-8325-DD9318653AE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "CDDB11E0-3853-4C93-AC64-599A1A3606CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "6C2A95FA-0C02-45AD-B9C0-AB6310DAD5B2", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "CCD69789-11BA-410F-ABEB-0D34CBF817E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "506422A5-F1E6-4D07-B947-4E265AC16ABD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC323B5D-9ED9-403D-8048-3C39A7CEF2C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "16576679-FD00-4DBE-B49C-BC2A8AD4E0BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:quicktime:7.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "98FED5F4-24B7-4028-AF48-E8CBE2CA5E1D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en Apple QuickTime antes de v7.7.4 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo MP3 modificado." } ], "id": "CVE-2013-0989", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-05-24T16:43:58.543", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2013/May/msg00001.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT5770" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5784" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16831" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2013/May/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT5770" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16831" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-03-17 10:19
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote attackers to conduct phishing attacks and possibly execute arbitrary code via a res: URI to navcancl.htm with an arbitrary URL as an argument, which displays the URL in the location bar of the "Navigation Canceled" page and injects the script into the "Refresh the page" link, aka Navigation Cancel Page Spoofing Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_vista | * | |
microsoft | ie | 7.0 | |
microsoft | windows_xp | * | |
microsoft | ie | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:*", "matchCriteriaId": "3E51CBF2-EFFD-407D-AB34-BDE69EFD60E8", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:*", "matchCriteriaId": "3E51CBF2-EFFD-407D-AB34-BDE69EFD60E8", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote attackers to conduct phishing attacks and possibly execute arbitrary code via a res: URI to navcancl.htm with an arbitrary URL as an argument, which displays the URL in the location bar of the \"Navigation Canceled\" page and injects the script into the \"Refresh the page\" link, aka Navigation Cancel Page Spoofing Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer versi\u00f3n 7.0 en Windows XP y Vista, permite a los atacantes remotos conducir ataques de phishing y posiblemente ejecutar c\u00f3digo arbitrario por medio de un URI res: en el archivo navcancl.htm con una URL arbitraria como argumento, que muestra la URL en la barra de direcciones de la pagina \"Navigation Canceled\" e inyecta el script hacia el enlace \"Refresh the page\", tambi\u00e9n se conoce como \"Navigation Cancel Page Spoofing Vulnerability.\"" } ], "id": "CVE-2007-1499", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-03-17T10:19:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://aviv.raffon.net/2007/03/14/PhishingUsingIE7LocalResourceVulnerability.aspx" }, { "source": "cve@mitre.org", "url": "http://news.com.com/2100-1002_3-6167410.html" }, { "source": "cve@mitre.org", "url": "http://osvdb.org/35352" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24535" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/25627" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2448" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018235" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/462833/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/462939/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/462945/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/22966" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0946" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2153" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-033" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33026" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1715" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://aviv.raffon.net/2007/03/14/PhishingUsingIE7LocalResourceVulnerability.aspx" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://news.com.com/2100-1002_3-6167410.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/35352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24535" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/25627" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/462833/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/462939/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/462945/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/22966" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0946" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2153" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1715" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-02-13 20:28
Modified
2025-04-09 00:30
Severity ?
Summary
The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption." }, { "lang": "es", "value": "El componente OLE Dialog en Microsoft Windows 2000 SP4, XP SP2, y 2003 SP1 permite a atacantes remotos con la complicidad del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero RTF con un objeto OLE que dispara una corrupci\u00f3n de memoria." } ], "id": "CVE-2007-0026", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-02-13T20:28:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/24147" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/497756" }, { "source": "secure@microsoft.com", "url": "http://www.osvdb.org/31885" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/22483" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1017637" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2007/0580" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-011" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A540" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/497756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/31885" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/22483" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0580" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A540" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-02-10 16:00
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to a "dangling pointer," aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2010-2556 and CVE-2011-0035.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to a \"dangling pointer,\" aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-2556 and CVE-2011-0035." }, { "lang": "es", "value": "Microsoft Internet Explorer 6, 7 y 8 no controlan correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante el acceso a un objeto que (1) no se ha inicializado correctamente o (2) se ha eliminado, lo que provoca que la memoria se corrompa. Esta vulnerabilidad est\u00e1 relacionada con un \"dangling pointer\" o \"Uninitialized Memory Corruption Vulnerability\", que es una vulnerabilidad diferente de CVE-2010-2556 y CVE-2011-0035." } ], "id": "CVE-2011-0036", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-02-10T16:00:13.550", "references": [ { "source": "secure@microsoft.com", "url": "http://osvdb.org/70832" }, { "source": "secure@microsoft.com", "url": "http://support.avaya.com/css/P8/documents/100127294" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/46158" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1025038" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0318" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-003" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64912" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12261" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/70832" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100127294" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46158" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64912" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12261" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-02-12 21:00
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_2003_server | sp2 | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*", "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request." }, { "lang": "es", "value": "Vulnerabilidad sin especificar en Active Directory de Microsoft Windows 2000 y Windows Server 2003 y Active Directory Application Mode (ADAM) de XP y Server 2003. Permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue y reinicio) a trav\u00e9s de una petici\u00f3n LDAP manipulada." } ], "id": "CVE-2008-0088", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-02-12T21:00:00.000", "references": [ { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "secure@microsoft.com", "url": "http://secunia.com/advisories/28764" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/27638" }, { "source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1019382" }, { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/0505/references" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-003" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5181" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28764" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27638" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019382" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0505/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5181" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-02-13 12:04
Modified
2025-04-11 00:51
Severity ?
Summary
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*", "matchCriteriaId": "A2C3594F-7C2C-4E2D-9BC5-F4F89B7BF4D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*", "matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*", "matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7C684420-1614-4DAE-9BD9-F1FE9102A50F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*", "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016." }, { "lang": "es", "value": "Condici\u00f3n de carrera en win32k.sys en los controladores kernel-mode de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, permite a usuarios locales obtener privilegios a trav\u00e9s de aplicaciones manipuladas que pueden leer ubicaciones de memoria arbitrarias del kernel. Vulnerabilidad distinta de otros CVE\u0027s listados en MS13-016." } ], "id": "CVE-2013-1264", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-02-13T12:04:13.180", "references": [ { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-016" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16379" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-11 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element." }, { "lang": "es", "value": "WebKit en Safari de Apple anterior a versi\u00f3n 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y Windows, y anterior a versi\u00f3n 4.1 sobre Mac OS X versi\u00f3n 10.4, no realiza apropiadamente las inserciones de lista ordenadas, lo que permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de aplicaci\u00f3n) por medio de un documento HTML especialmente dise\u00f1ado, relacionado con la inserci\u00f3n de un elemento no especificado hacia un contenedor editable y el acceso de un elemento no inicializado." } ], "id": "CVE-2010-1398", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-06-11T18:00:29.190", "references": [ { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40196" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41856" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://securitytracker.com/id?1024067" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4220" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4225" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "product-security@apple.com", "url": "http://www.securityfocus.com/archive/1/511719/100/0/threaded" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "product-security@apple.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-097" }, { "source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7556" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1024067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/511719/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2011/0552" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-097" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7556" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-08-10 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*", "matchCriteriaId": "BADB0479-3E0E-4326-B568-9DBDCACF0B5E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*", "matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:*:*:*:*", "matchCriteriaId": "A9408620-06A8-4A3C-97C8-41A688282E3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:*:*:*:*", "matchCriteriaId": "A9408620-06A8-4A3C-97C8-41A688282E3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers \"inactive filtering,\" aka \"Shift JIS Character Encoding Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Internet Explorer 6 hasta la versi\u00f3n 9 no maneja apropiadamente secuencias de caracteres sin especificar, lo que permite a atacantes remotos leer contenido de un diferente (1) dominio o (2) zona a trav\u00e9s de una web modificada que provoca un \"filtrado interactivo\". Tambi\u00e9n conocido como \"vulnerabilidad de codificaci\u00f3n de caracteres Shift JIS\"." } ], "id": "CVE-2011-1962", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-08-10T21:55:01.423", "references": [ { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057" }, { "source": "secure@microsoft.com", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12657" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-01-20 21:00
Modified
2025-04-11 00:51
Severity ?
Summary
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka "Win32k Keyboard Layout Vulnerability." NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka \"Win32k Keyboard Layout Vulnerability.\" NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889." }, { "lang": "es", "value": "Los controladores de modo kernel de Microsoft Windows XP Service Pack 3 no realizan correctamente la indexaci\u00f3n de una tabla de funciones de puntero durante la carga de la distribuci\u00f3n del teclado desde el disco, lo que permite a usuarios locales conseguir privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, como se demuestr\u00f3 en julio de 2010 con el gusano Stuxnet, tambi\u00e9n conocido como \"Vulnerabilidad de distribuci\u00f3n del teclado Win32k.\" NOTA: este podr\u00eda ser un duplicado de CVE-2010-3888 o CVE-2010-3889." } ], "id": "CVE-2010-2743", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-01-20T21:00:01.380", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-073" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7514" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7514" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net_framework:1.0:sp2:sdk:*:*:*:*:*", "matchCriteriaId": "644D1C0E-482D-4C6D-AE9D-6B1F99306BC8", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:digital_image_pro:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "DED35E4C-1108-44AE-BA55-A008EB9864ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:digital_image_pro:9:*:*:*:*:*:*:*", "matchCriteriaId": "BCC28680-6FA1-424A-BB8D-5E37E04D4089", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:digital_image_suite:9:*:*:*:*:*:*:*", "matchCriteriaId": "370835D5-D28A-4961-B1B4-72E889596D07", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*", "matchCriteriaId": "082D3262-87E3-4245-AD9C-02BE0871FA3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*", "matchCriteriaId": "5F79E0AB-7081-4F97-BFE4-9AF84F643B9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:frontpage:2002:*:*:*:*:*:*:*", "matchCriteriaId": "6548F837-A687-4EEF-B754-DAA834B34FA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:frontpage:2003:*:*:*:*:*:*:*", "matchCriteriaId": "3C79FEE1-70A3-4A48-BE7B-0D18F0A5FA7F", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:greetings:2002:*:*:*:*:*:*:*", "matchCriteriaId": "69AFBA4D-6F42-4ED9-9DF4-4A9C29B3ED8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:infopath:2003:*:*:*:*:*:*:*", "matchCriteriaId": "345BC07E-1558-4C27-BF1A-C13547D175FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*", "matchCriteriaId": "DB7EA4CC-E705-42DB-86B6-E229DA36B66D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:onenote:2003:*:*:*:*:*:*:*", "matchCriteriaId": "36BA88A3-A31F-4F90-8913-67D5BC00E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*", "matchCriteriaId": "3FE6EAE0-5A8F-4A97-950B-879379A3C0F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*", "matchCriteriaId": "C3189982-F780-4AC2-9663-E6D4DF9DD319", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:picture_it:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D85EB5B-A9FE-497E-9922-6D6BDD0C6975", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:picture_it:9:*:*:*:*:*:*:*", "matchCriteriaId": "A27F0EA6-C023-47C5-8F26-7E8A665533F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:picture_it:2002:*:*:*:*:*:*:*", "matchCriteriaId": "337555B3-6318-41FE-9AD7-6CEAA46F0DF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*", "matchCriteriaId": "711D9CC0-31B8-4511-A9F3-CA328A02ED84", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*", "matchCriteriaId": "F5611EFD-2C7C-47BA-83E5-947EA00D8E6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:producer:*:gold:office_powerpoints:*:*:*:*:*", "matchCriteriaId": "999276CD-D074-4AB1-A53E-5133A3B7BFF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*", "matchCriteriaId": "9B14AE8E-1BFF-4458-87CC-357957F18F8A", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:project:2003:*:*:*:*:*:*:*", "matchCriteriaId": "34EFAEFE-2BDE-4111-91F5-E9F75ADFA920", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*", "matchCriteriaId": "99ED878A-CFC5-4FD5-A403-EB16CC4F8BC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*", "matchCriteriaId": "617E8BE3-8AD0-42FC-BDEE-6B1F120AE512", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*", "matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visio:2003:*:*:*:*:*:*:*", "matchCriteriaId": "511E22C6-DB04-44A0-906D-F432DD42CA5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_basic:2002:*:.net_standard:*:*:*:*:*", "matchCriteriaId": "B3B633A9-519A-4179-9F10-3C2C5C9BA6B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_basic:2003:*:.net_standard:*:*:*:*:*", "matchCriteriaId": "D6D51C0E-BFF4-46A0-A8FD-45BE591DA347", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_c\\#:2002:*:.net_standard:*:*:*:*:*", "matchCriteriaId": "1A1D8127-80AC-4D5B-9D1C-DA2406EF6666", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_c\\#:2003:*:.net_standard:*:*:*:*:*", "matchCriteriaId": "8916C0DE-2759-4F97-B7D7-0BCFDC41AB4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2002:*:.net_standard:*:*:*:*:*", "matchCriteriaId": "F1090984-34A7-4A21-B903-3FF5E5AB7D5D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_c\\+\\+:2003:*:.net_standard:*:*:*:*:*", "matchCriteriaId": "A0BED5B2-5F57-4FC8-8B51-908A311B480B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_j\\#_.net:2003:*:.net_standard:*:*:*:*:*", "matchCriteriaId": "CC13A32B-5F2A-42A4-95B5-D13EE78F013B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2002:gold:*:*:*:*:*:*", "matchCriteriaId": "E17BD019-DD35-413E-ACBA-2E77C8A1247D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:gold:*:*:*:*:*:*", "matchCriteriaId": "B9E6C132-4F4B-4FB0-9DDC-DD9750D8552D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*", "matchCriteriaId": "2D90B1E1-23CD-4595-AD78-DA1758E9896D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*", "matchCriteriaId": "379C2A4A-78EF-473D-954B-F5DD76C3D6CF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", "matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en el motor de proceso de JPEG (JPG) en GDIPlus.dll, usado en varios productos de Microsoft, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un campo de longitud JPEG COM peque\u00f1o que es normalizado a una longitud de entero grande antes de una operaci\u00f3n de copia de memoria." } ], "id": "CVE-2004-0200", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2004-09-28T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/297462" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/297462" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-02-10 18:30
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "SMB Memory Corruption Vulnerability."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "4D5F7729-A095-43DF-BF2F-B4B6938087FA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka \"SMB Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "M\u00faltiples condiciones de carrera en la implementaci\u00f3n en el servicio Server en Microsoft Windows Vista Gold, SP1, y SP2, Windows Server 2008 Gold, SP2, y R2, y Windows 7 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue del sistema) a trav\u00e9s de paquetes de negociaci\u00f3n (1) SMBv1 o (2)SMBv2 manipulados, tambi\u00e9n conocidos como \"SMB Memory Corruption Vulnerability.\"" } ], "id": "CVE-2010-0021", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2010-02-10T18:30:00.987", "references": [ { "source": "secure@microsoft.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8524" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2009-10-14 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability."
References
▼ | URL | Tags | |
---|---|---|---|
secure@microsoft.com | http://www.us-cert.gov/cas/techalerts/TA09-286A.html | Third Party Advisory, US Government Resource | |
secure@microsoft.com | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-051 | Patch, Vendor Advisory | |
secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6407 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-286A.html | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-051 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6407 | Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7DEC28F-EB69-4B28-AAE9-674DE2C994E7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*", "matchCriteriaId": "3778BBD3-6C58-46DF-B1EB-ED02513CA8D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7DEC28F-EB69-4B28-AAE9-674DE2C994E7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6DBB016-22A2-4B12-A1A4-DEE8ABF14B9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*", "matchCriteriaId": "61AAD264-CC98-4FB7-BDDD-6920D4AD1B5D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "ABBA5D64-4184-4420-B7D0-A4E41359AA5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6DBB016-22A2-4B12-A1A4-DEE8ABF14B9B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*", "matchCriteriaId": "61AAD264-CC98-4FB7-BDDD-6920D4AD1B5D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*", "matchCriteriaId": "BAB70FD5-09F3-4215-99C4-299EDE8D26DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x86:*", "matchCriteriaId": "283F5DF4-B68A-4C1D-822A-1C0EB67C2C35", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "F8216946-5F76-48B9-91CC-207F657D7D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x86:*", "matchCriteriaId": "B36BFDA7-596B-45EA-AACE-F8A796CECDBB", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x64:*", "matchCriteriaId": "06E7E0F7-AA6F-477C-AAA7-C0419CD2F3BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:x64:*", "matchCriteriaId": "687E66DB-E5CC-4B13-B9B7-89CC6B49B693", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*", "matchCriteriaId": "0161C884-70A5-4AD0-BD80-F0F7B3D8579E", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka \"Windows Media Runtime Voice Sample Rate Vulnerability.\"" }, { "lang": "es", "value": "Microsoft Windows Media Runtime, como se utiliza en DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, y Audio Compression Manager (ACM), no accede correctamente a los ficheros ASF, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de audio manipulado que utiliza el codec Windows Media Speech, tambi\u00e9n conocido como \"Vulnerabilidad de Windows Media Runtime Voice Sample Rate\"." } ], "id": "CVE-2009-0555", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-10-14T10:30:00.920", "references": [ { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-051" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-051" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6407" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-02-14 19:06
Modified
2025-04-03 01:03
Severity ?
Summary
The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | office | 2003 | |
microsoft | office | 2003 | |
microsoft | office | 2003 | |
microsoft | windows_2003_server | datacenter_64-bit | |
microsoft | windows_2003_server | enterprise | |
microsoft | windows_2003_server | enterprise | |
microsoft | windows_2003_server | enterprise_64-bit | |
microsoft | windows_2003_server | enterprise_64-bit | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_2003_server | r2 | |
microsoft | windows_2003_server | standard | |
microsoft | windows_2003_server | standard | |
microsoft | windows_2003_server | standard_64-bit | |
microsoft | windows_2003_server | web | |
microsoft | windows_2003_server | web | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * | |
microsoft | windows_xp | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*", "matchCriteriaId": "DB7EA4CC-E705-42DB-86B6-E229DA36B66D", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*", "matchCriteriaId": "4EED9D78-AE73-44BA-A1CE-603994E92E89", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1:*:*:*:*:*:*", "matchCriteriaId": "BE3DF901-734B-4956-9D22-FE4608A31DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:*", "matchCriteriaId": "A86C732B-6E92-46FB-B1E5-F0BA2F0D6D82", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1:*:*:*:*:*:*", "matchCriteriaId": "986AE140-316D-4874-AEE2-3058A007D33F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*", "matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "C1BC59CF-BA8A-4D4C-92A5-CFDA7ECD685F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:*", "matchCriteriaId": "4B5F54BB-A80E-42F2-A700-82C1240E23D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "A3AC387D-BB23-4EB9-A7DA-6E3F5CD8EFD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:*", "matchCriteriaId": "76BDFB16-D71F-4E33-83FD-F0F2AE2FAE7F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*", "matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*", "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the \"shell about dialog box\" and clicking the \"End-User License Agreement\" link, which executes Notepad with the privileges of the program that displays the about box." } ], "id": "CVE-2006-0008", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-02-14T19:06:00.000", "references": [ { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18859" }, { "source": "secure@microsoft.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015631" }, { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/739844" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.ryanstyle.com/alert/my/5/ms06_009_eng.html" }, { "source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/425141/100/0/threaded" }, { "source": "secure@microsoft.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16643" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/0578" }, { "source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-009" }, { "source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24492" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1595" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1650" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1664" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1688" }, { "source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A727" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18859" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1015631" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/739844" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.ryanstyle.com/alert/my/5/ms06_009_eng.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/425141/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16643" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/0578" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-009" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24492" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1595" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1650" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1664" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1688" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A727" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-06-11 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and before 4.1 on Mac OS X 10.4, does not properly handle clipboard (1) drag and (2) paste operations for URLs, which allows user-assisted remote attackers to read arbitrary files via a crafted HTML document.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C7817232-BE3E-4655-8282-A979E5D40D3D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3B7DEC3-1C0B-4D13-98CD-CB7FAE7933B0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7723A9E8-1DE2-4C7D-81E6-4F79DCB09324", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C147E866-B80F-4FFA-BBE8-19E84A46DB1C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EC681A4-6F58-4C7D-B4E0-FCC1BCBC534E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "517AC59C-3071-4D4E-B370-DD6F3D73E0BD", "versionEndIncluding": "4.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "matchCriteriaId": "02EAC196-AE43-4787-9AF9-E79E2E1BBA46", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36EA71E0-63F7-46FF-AF11-792741F27628", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E36485-565D-4FAA-A6AD-57DF42D47462", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "73E9C17F-C99E-4ABB-B312-31F87BC0C0E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8B16DB-4D1F-41B7-A7A2-2A443596E1AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F60BF582-F700-4E26-A4AF-5BF657803525", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and before 4.1 on Mac OS X 10.4, does not properly handle clipboard (1) drag and (2) paste operations for URLs, which allows user-assisted remote attackers to read arbitrary files via a crafted HTML document." }, { "lang": "es", "value": "WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, no maneja adecuadamente las operaciones del portapapeles (1) arrastrar y (2) pegar para URLs, lo cual permite a atacantes remotos asistidos por el usuario leer archivos a su elecci\u00f3n a trav\u00e9s de documentos HTML manipulados." } ], "id": "CVE-2010-1388", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-06-11T18:00:20.957", "references": [ { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43068" }, { "source": "product-security@apple.com", "url": "http://securitytracker.com/id?1024067" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "product-security@apple.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/40752" }, { "source": "product-security@apple.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/40105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1024067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/40620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/40752" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0212" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-02-12 23:00
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows_2000 | * | |
microsoft | windows_2003_server | sp1 | |
microsoft | windows_2003_server | sp2 | |
microsoft | windows_vista | * | |
microsoft | windows_xp | * | |
microsoft | office | * | |
microsoft | visual_basic | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*", "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:office:*:*:mac\\+os:*:*:*:*:*", "matchCriteriaId": "06A2E44E-E858-4713-9F36-58061E83D438", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_basic:6.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "F562268C-1B63-4360-BD4C-A7F45009B7D7", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request." }, { "lang": "es", "value": "B\u00fafer overflow basado en mont\u00edculo en el objeto OLE (Object Linking and Embedding)Automation en Windows 2000 SP4, XP SP2, Server 2003 SP1 y SP2, Vista, Office 2004 para Mac, y Visual basic 6.0 SP6, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una petici\u00f3n de secuencia de comandos manipulada." } ], "id": "CVE-2007-0065", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-02-12T23:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28902" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/27661" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019373" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0510/references" }, { "source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-008" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5388" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=120361015026386\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27661" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0510/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5388" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-09-12 23:07
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an error message whose charset is set to UTF-7.
References