VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2005-2122Oct 21, 2005
    risk 0.03cvss epss 0.43

    Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a…

  • CVE-2005-1985Oct 13, 2005
    risk 0.03cvss epss 0.36

    The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.

  • CVE-2005-1987Oct 13, 2005
    risk 0.03cvss epss 0.43

    Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type"…

  • CVE-2005-2128Oct 12, 2005
    risk 0.03cvss epss 0.40

    QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.

  • CVE-2005-2678Aug 23, 2005
    risk 0.03cvss epss 0.42

    Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.

  • CVE-2005-1205Jun 14, 2005
    risk 0.03cvss epss 0.33

    The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

  • CVE-2005-1665May 18, 2005
    risk 0.03cvss epss 0.40

    The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup.

  • CVE-2005-0852May 2, 2005
    risk 0.03cvss epss 0.01

    Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3.

  • CVE-2005-0047May 2, 2005
    risk 0.03cvss epss 0.05

    Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."

  • CVE-2005-0044May 2, 2005
    risk 0.03cvss epss 0.33

    The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability."

  • CVE-2005-0055May 2, 2005
    risk 0.03cvss epss 0.37

    Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability."

  • CVE-2005-0057May 2, 2005
    risk 0.03cvss epss 0.41

    The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow.

  • CVE-2004-0963Feb 9, 2005
    risk 0.03cvss epss 0.33

    Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an…

  • CVE-2004-0978Feb 9, 2005
    risk 0.03cvss epss 0.38

    Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.

  • CVE-2004-0897Jan 11, 2005
    risk 0.03cvss epss 0.43

    The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

  • CVE-2004-0568Jan 10, 2005
    risk 0.03cvss epss 0.35

    HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file…

  • CVE-2004-0894Jan 10, 2005
    risk 0.03cvss epss 0.04

    LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.

  • CVE-2004-2176Dec 31, 2004
    risk 0.03cvss epss 0.03

    The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.

  • CVE-2004-0843Nov 3, 2004
    risk 0.03cvss epss 0.34

    Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability."

  • CVE-2004-0844Nov 3, 2004
    risk 0.03cvss epss 0.33

    Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems…

  • CVE-2004-0573Sep 28, 2004
    risk 0.03cvss epss 0.42

    Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.

  • CVE-2004-0839Aug 18, 2004
    risk 0.03cvss epss 0.33

    Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the…

  • CVE-2004-0566Jul 27, 2004
    risk 0.03cvss epss 0.38

    Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.

  • CVE-2003-0806Jun 1, 2004
    risk 0.03cvss epss 0.33

    Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.

  • CVE-2003-0807Jun 1, 2004
    risk 0.03cvss epss 0.40

    Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.

  • CVE-2003-0663Jun 1, 2004
    risk 0.03cvss epss 0.32

    Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.

  • CVE-2004-0116Jun 1, 2004
    risk 0.03cvss epss 0.37

    An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.

  • CVE-2003-0903Feb 17, 2004
    risk 0.03cvss epss 0.37

    Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.

  • CVE-2003-0819Feb 17, 2004
    risk 0.03cvss epss 0.41

    Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225…

  • CVE-2004-1244Feb 8, 2004
    risk 0.03cvss epss 0.33

    Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."

  • CVE-2003-1027Jan 20, 2004
    risk 0.03cvss epss 0.38

    Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2,…

  • CVE-2003-1407Dec 31, 2003
    risk 0.03cvss epss 0.03

    Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.

  • CVE-2003-0824Dec 15, 2003
    risk 0.03cvss epss 0.34

    Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.

  • CVE-2003-0662Nov 17, 2003
    risk 0.03cvss epss 0.34

    Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.

  • CVE-2003-0711Nov 17, 2003
    risk 0.03cvss epss 0.33

    Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.

  • CVE-2003-0528Sep 17, 2003
    risk 0.03cvss epss 0.38

    Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi)…

  • CVE-2003-0715Sep 17, 2003
    risk 0.03cvss epss 0.37

    Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than…

  • CVE-2003-0232Aug 27, 2003
    risk 0.03cvss epss 0.04

    Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.

  • CVE-2003-0346Aug 27, 2003
    risk 0.03cvss epss 0.33

    Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer…

  • CVE-2003-0496Aug 18, 2003
    risk 0.03cvss epss 0.05

    Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.

  • CVE-2003-0345Aug 18, 2003
    risk 0.03cvss epss 0.34

    Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.

  • CVE-2003-0225Jun 9, 2003
    risk 0.03cvss epss 0.38

    The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.

  • CVE-2003-0306Jun 9, 2003
    risk 0.03cvss epss 0.04

    Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.

  • CVE-2003-0004Feb 19, 2003
    risk 0.03cvss epss 0.03

    Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.

  • CVE-2002-2105Dec 31, 2002
    risk 0.03cvss epss 0.03

    Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.

  • CVE-2002-1181Nov 12, 2002
    risk 0.03cvss epss 0.39

    Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or…

  • CVE-2002-1182Nov 12, 2002
    risk 0.03cvss epss 0.36

    IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned.

  • CVE-2002-1230Nov 4, 2002
    risk 0.03cvss epss 0.02

    NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw…

  • CVE-2002-0370Oct 10, 2002
    risk 0.03cvss epss 0.43

    Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME,…

  • CVE-2002-0736Aug 12, 2002
    risk 0.03cvss epss 0.32

    Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.

Page 224 of 287