Windows
by Microsoft
CVEs (2,455)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-3441 | 0.08 | — | 0.63 | Aug 9, 2006 | Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors,… | |||
| CVE-2006-1314 | 0.08 | — | 0.64 | Jul 11, 2006 | Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption… | |||
| CVE-2005-2123 | 0.08 | — | 0.65 | Nov 29, 2005 | Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based… | |||
| CVE-2004-1305 | 0.08 | — | 0.62 | Dec 23, 2004 | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to… | |||
| CVE-2004-0209 | 0.08 | — | 0.62 | Nov 3, 2004 | Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an… | |||
| CVE-2015-6127 | 0.07 | — | 0.46 | Dec 9, 2015 | Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability." | |||
| CVE-2011-5046 | 0.07 | — | 0.45 | Dec 30, 2011 | The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which… | |||
| CVE-2009-2514 | 0.07 | — | 0.47 | Nov 11, 2009 | win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embedded OpenType (EOT) font, aka… | |||
| CVE-2008-4114 | 0.07 | — | 0.49 | Sep 16, 2008 | srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet… | |||
| CVE-2008-3013 | 0.07 | — | 0.52 | Sep 11, 2008 | gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital… | |||
| CVE-2007-5348 | 0.07 | — | 0.53 | Sep 11, 2008 | Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8,… | |||
| CVE-2008-2245 | 0.07 | — | 0.46 | Aug 13, 2008 | Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to… | |||
| CVE-2007-3898 | 0.07 | — | 0.55 | Nov 14, 2007 | The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors. | |||
| CVE-2007-3034 | 0.07 | — | 0.55 | Aug 14, 2007 | Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a… | |||
| CVE-2007-1765 | 0.07 | — | 0.54 | Mar 30, 2007 | Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and… | |||
| CVE-2005-2124 | 0.07 | — | 0.60 | Nov 29, 2005 | Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF)… | |||
| CVE-2005-1978 | 0.07 | — | 0.57 | Oct 12, 2005 | COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. | |||
| CVE-2005-0058 | 0.07 | — | 0.50 | Aug 10, 2005 | Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message. | |||
| CVE-2001-0876 | 0.07 | — | 0.49 | Dec 20, 2001 | Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. | |||
| CVE-2000-0979 | 0.07 | — | 0.46 | Dec 19, 2000 | File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka… |
- CVE-2006-3441Aug 9, 2006risk 0.08cvss —epss 0.63
Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors,…
- CVE-2006-1314Jul 11, 2006risk 0.08cvss —epss 0.64
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption…
- CVE-2005-2123Nov 29, 2005risk 0.08cvss —epss 0.65
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based…
- CVE-2004-1305Dec 23, 2004risk 0.08cvss —epss 0.62
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to…
- CVE-2004-0209Nov 3, 2004risk 0.08cvss —epss 0.62
Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an…
- CVE-2015-6127Dec 9, 2015risk 0.07cvss —epss 0.46
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
- CVE-2011-5046Dec 30, 2011risk 0.07cvss —epss 0.45
The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which…
- CVE-2009-2514Nov 11, 2009risk 0.07cvss —epss 0.47
win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embedded OpenType (EOT) font, aka…
- CVE-2008-4114Sep 16, 2008risk 0.07cvss —epss 0.49
srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet…
- CVE-2008-3013Sep 11, 2008risk 0.07cvss —epss 0.52
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital…
- CVE-2007-5348Sep 11, 2008risk 0.07cvss —epss 0.53
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8,…
- CVE-2008-2245Aug 13, 2008risk 0.07cvss —epss 0.46
Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to…
- CVE-2007-3898Nov 14, 2007risk 0.07cvss —epss 0.55
The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.
- CVE-2007-3034Aug 14, 2007risk 0.07cvss —epss 0.55
Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a…
- CVE-2007-1765Mar 30, 2007risk 0.07cvss —epss 0.54
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and…
- CVE-2005-2124Nov 29, 2005risk 0.07cvss —epss 0.60
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF)…
- CVE-2005-1978Oct 12, 2005risk 0.07cvss —epss 0.57
COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.
- CVE-2005-0058Aug 10, 2005risk 0.07cvss —epss 0.50
Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.
- CVE-2001-0876Dec 20, 2001risk 0.07cvss —epss 0.49
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
- CVE-2000-0979Dec 19, 2000risk 0.07cvss —epss 0.46
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka…
Page 83 of 123