VYPR

Windows

by Microsoft

CVEs (2,399)

  • CVE-2012-4774Dec 12, 2012
    risk 0.02cvss epss 0.21

    Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that triggers use of unallocated…

  • CVE-2012-2556Dec 12, 2012
    risk 0.02cvss epss 0.21

    The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to…

  • CVE-2012-1850Aug 15, 2012
    risk 0.02cvss epss 0.27

    The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle RAP responses,…

  • CVE-2012-0173Jun 12, 2012
    risk 0.02cvss epss 0.21

    The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to…

  • CVE-2012-0165May 9, 2012
    risk 0.02cvss epss 0.25

    GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, aka "GDI+ Record Type…

  • CVE-2012-0159May 9, 2012
    risk 0.02cvss epss 0.27

    Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and…

  • CVE-2012-0150Feb 14, 2012
    risk 0.02cvss epss 0.24

    Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, aka "Msvcrt.dll Buffer Overflow Vulnerability."

  • CVE-2012-0009Jan 10, 2012
    risk 0.02cvss epss 0.21

    Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that…

  • CVE-2012-0004Jan 10, 2012
    risk 0.02cvss epss 0.23

    Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file,…

  • CVE-2011-3415Dec 30, 2011
    risk 0.02cvss epss 0.24

    Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka…

  • CVE-2011-3401Dec 14, 2011
    risk 0.02cvss epss 0.21

    ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memory Corruption Vulnerability."

  • CVE-2011-3397Dec 14, 2011
    risk 0.02cvss epss 0.20

    The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Microsoft Time Remote Code…

  • CVE-2011-1267Jun 16, 2011
    risk 0.02cvss epss 0.24

    The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 request, aka "SMB Request Parsing…

  • CVE-2011-0658Jun 16, 2011
    risk 0.02cvss epss 0.21

    Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute…

  • CVE-2011-0034Apr 13, 2011
    risk 0.02cvss epss 0.28

    Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to…

  • CVE-2011-0028Apr 13, 2011
    risk 0.02cvss epss 0.24

    WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Word documents, which allows remote attackers to execute arbitrary code via a crafted .doc file, aka "WordPad Converter Parsing Vulnerability."

  • CVE-2011-0033Feb 10, 2011
    risk 0.02cvss epss 0.21

    The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote…

  • CVE-2010-4669Jan 7, 2011
    risk 0.02cvss epss 0.29

    The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router…

  • CVE-2010-4182Nov 4, 2010
    risk 0.02cvss epss 0.25

    Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Professional SP3, Windows Server 2003 R2 Enterprise Edition SP3, Windows Vista Business SP1, and Windows 7 Professional allows local users, and possibly remote…

  • CVE-2010-1882Aug 11, 2010
    risk 0.02cvss epss 0.23

    Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a crafted media file or (2) crafted…

Page 94 of 120