VYPR

Windows

by Microsoft

CVEs (2,482)

  • CVE-2007-2229Jun 12, 2007
    risk 0.00cvss epss 0.02

    Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permissive User Information Store…

  • CVE-2007-1209Apr 10, 2007
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort…

  • CVE-2007-1206Apr 10, 2007
    risk 0.00cvss epss 0.03

    The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions (PAGE_READWRITE) for a physical memory view, which allows local users to gain…

  • CVE-2007-1537Mar 20, 2007
    risk 0.00cvss epss 0.01

    \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.

  • CVE-2007-0211Feb 13, 2007
    risk 0.00cvss epss 0.03

    The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of new hardware."

  • CVE-2006-6753Dec 27, 2006
    risk 0.00cvss epss 0.02

    Event Viewer (eventvwr.exe) in Microsoft Windows does not properly display log data that contains '%' (percent) characters, which might make it impossible to use Event Viewer to determine the actual data that triggered an event, and might produce long strings that are not…

  • CVE-2005-2388Jul 27, 2005
    risk 0.00cvss epss 0.02

    Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

  • CVE-2005-0550May 2, 2005
    risk 0.00cvss epss 0.02

    Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".

  • CVE-2005-0060May 2, 2005
    risk 0.00cvss epss 0.02

    Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.

  • CVE-2004-0207Nov 3, 2004
    risk 0.00cvss epss 0.02

    "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of…

  • CVE-2004-0208Nov 3, 2004
    risk 0.00cvss epss 0.02

    The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly…

  • CVE-2002-2401Dec 31, 2002
    risk 0.00cvss epss 0.02

    NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.

  • CVE-2002-2028Dec 31, 2002
    risk 0.00cvss epss 0.02

    The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.

  • CVE-2002-1692Dec 31, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.

  • CVE-2002-0151Apr 4, 2002
    risk 0.00cvss epss 0.04

    Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.

  • CVE-1999-0590Jun 1, 2000
    risk 0.00cvss epss 0.06

    A system does not present an appropriate legal message or warning to a user who is accessing it.

  • CVE-1999-1104Dec 31, 1999
    risk 0.00cvss epss 0.01

    Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.

  • CVE-1999-0717May 7, 1999
    risk 0.00cvss epss 0.06

    A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

  • CVE-1999-0258Feb 13, 1998
    risk 0.00cvss epss 0.06

    Bonk variation of teardrop IP fragmentation denial of service.

  • CVE-1999-0518Jan 1, 1997
    risk 0.00cvss epss 0.05

    A NETBIOS/SMB share password is guessable.

Page 124 of 125