VYPR

Windows Explorer

by Microsoft

CVEs (19)

  • CVE-2022-26808HigApr 15, 2022
    risk 0.46cvss 7.0epss 0.00

    Windows File Explorer Elevation of Privilege Vulnerability

  • CVE-2006-2766Jun 2, 2006
    risk 0.07cvss epss 0.48

    Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL…

  • CVE-2007-1347Mar 8, 2007
    risk 0.06cvss epss 0.32

    Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in…

  • CVE-2007-5133Sep 27, 2007
    risk 0.05cvss epss 0.23

    Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by…

  • CVE-2007-3958Jul 24, 2007
    risk 0.05cvss epss 0.25

    Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif.

  • CVE-2004-2289Dec 31, 2004
    risk 0.05cvss epss 0.23

    Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file.

  • CVE-2007-1090Feb 26, 2007
    risk 0.04cvss epss 0.16

    Microsoft Windows Explorer on Windows XP and 2003 allows remote user-assisted attackers to cause a denial of service (crash) via a malformed WMF file, which triggers the crash when the user browses the folder.

  • CVE-2007-0562Jan 30, 2007
    risk 0.04cvss epss 0.13

    Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .avi file, which triggers the crash when the user right clicks on the file.

  • CVE-2006-6602Dec 15, 2006
    risk 0.04cvss epss 0.14

    explorer.exe in Windows Explorer 6.00.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a crafted WMV file.

  • CVE-2005-2117Oct 21, 2005
    risk 0.03cvss epss 0.37

    Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code.

  • CVE-2024-38100Jul 9, 2024
    risk 0.02cvss epss 0.05

    Windows File Explorer Elevation of Privilege Vulnerability

  • CVE-2006-0012Apr 12, 2006
    risk 0.02cvss epss 0.24

    Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."

  • CVE-2007-5145Oct 1, 2007
    risk 0.01cvss epss 0.10

    Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote attackers to cause a denial of…

  • CVE-2007-4227Aug 8, 2007
    risk 0.01cvss epss 0.13

    Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain JPG file, as demonstrated by something.jpg. NOTE: this issue might be related to CVE-2007-3958.

  • CVE-2005-0954May 2, 2005
    risk 0.01cvss epss 0.15

    Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file.

  • CVE-1999-0967Nov 1, 1997
    risk 0.01cvss epss 0.07

    Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.

  • CVE-2026-20823Jan 13, 2026
    risk 0.00cvss epss 0.01

    Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

  • CVE-2025-59214Oct 14, 2025
    risk 0.00cvss epss 0.02

    Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2004-2290Dec 31, 2004
    risk 0.00cvss epss 0.03

    Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder.