VYPR

Windows Xp

by Microsoft

CVEs (744)

  • CVE-2009-0085Mar 10, 2009
    risk 0.01cvss epss 0.15

    The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's key exchange data in Transport…

  • CVE-2009-0243Jan 21, 2009
    risk 0.01cvss epss 0.06

    Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, which allows physically proximate attackers to execute arbitrary code by (1) inserting CD-ROM media, (2) inserting DVD media, (3) connecting a USB device, and (4) connecting a…

  • CVE-2007-5145Oct 1, 2007
    risk 0.01cvss epss 0.10

    Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote attackers to cause a denial of…

  • CVE-2007-2218Jun 12, 2007
    risk 0.01cvss epss 0.13

    Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL…

  • CVE-2007-2374Apr 30, 2007
    risk 0.01cvss epss 0.17

    Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is…

  • CVE-2007-1204Apr 10, 2007
    risk 0.01cvss epss 0.09

    Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption.

  • CVE-2006-4066Aug 10, 2006
    risk 0.01cvss epss 0.06

    The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2 allows context-dependent attackers to cause a denial of service (application crash) via certain images that trigger a divide-by-zero error, as demonstrated by a (1) .ico file, (2) .png file…

  • CVE-2006-3351Jul 6, 2006
    risk 0.01cvss epss 0.07

    Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of…

  • CVE-2006-1591Apr 3, 2006
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.

  • CVE-2006-0376Jan 22, 2006
    risk 0.01cvss epss 0.18

    The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an…

  • CVE-2005-3595Nov 16, 2005
    risk 0.01cvss epss 0.16

    By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer.

  • CVE-2005-2126Oct 21, 2005
    risk 0.01cvss epss 0.14

    The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary…

  • CVE-2005-1207Jun 14, 2005
    risk 0.01cvss epss 0.07

    Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.

  • CVE-2005-1214Jun 14, 2005
    risk 0.01cvss epss 0.13

    Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

  • CVE-2005-1792Jun 1, 2005
    risk 0.01cvss epss 0.07

    Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache.

  • CVE-2005-0954May 2, 2005
    risk 0.01cvss epss 0.15

    Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file.

  • CVE-2004-2307Dec 31, 2004
    risk 0.01cvss epss 0.15

    Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A.

  • CVE-2003-0813Nov 17, 2003
    risk 0.01cvss epss 0.15

    A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it…

  • CVE-2002-1932Dec 31, 2002
    risk 0.01cvss epss 0.13

    Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to…

  • CVE-2002-2117Dec 31, 2002
    risk 0.01cvss epss 0.12

    Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP).

Page 26 of 38