VYPR

Vendor CVEs

Microsoft

All CVEs

14,278 total · sorted by risk
  • CVE-2004-0985Dec 31, 2004
    risk 0.02cvss epss 0.20

    Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that…

  • CVE-2004-1361Dec 23, 2004
    risk 0.02cvss epss 0.20

    Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.

  • CVE-2004-1319Dec 15, 2004
    risk 0.02cvss epss 0.26

    The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using…

  • CVE-2004-0203Nov 23, 2004
    risk 0.02cvss epss 0.21

    Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.

  • CVE-2004-1331Nov 16, 2004
    risk 0.02cvss epss 0.19

    The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command.

  • CVE-2004-0846Nov 3, 2004
    risk 0.02cvss epss 0.28

    Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.

  • CVE-2004-0845Nov 3, 2004
    risk 0.02cvss epss 0.31

    Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site.

  • CVE-2004-0840Nov 3, 2004
    risk 0.02cvss epss 0.30

    The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a…

  • CVE-2004-0569Nov 3, 2004
    risk 0.02cvss epss 0.19

    The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.

  • CVE-2004-0202Aug 6, 2004
    risk 0.02cvss epss 0.26

    IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2004-0199Jun 14, 2004
    risk 0.02cvss epss 0.26

    Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).

  • CVE-2004-0197Jun 1, 2004
    risk 0.02cvss epss 0.26

    Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query.

  • CVE-2003-0906Jun 1, 2004
    risk 0.02cvss epss 0.25

    Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.

  • CVE-2004-0117Jun 1, 2004
    risk 0.02cvss epss 0.26

    Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.

  • CVE-2004-0124Jun 1, 2004
    risk 0.02cvss epss 0.21

    The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."

  • CVE-2003-0907Jun 1, 2004
    risk 0.02cvss epss 0.22

    Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.

  • CVE-2003-0909Jun 1, 2004
    risk 0.02cvss epss 0.21

    Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."

  • CVE-2004-0123Jun 1, 2004
    risk 0.02cvss epss 0.30

    Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

  • CVE-2004-0118Jun 1, 2004
    risk 0.02cvss epss 0.22

    The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.

  • CVE-2003-0905Apr 15, 2004
    risk 0.02cvss epss 0.26

    Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets.

  • CVE-2004-0122Apr 15, 2004
    risk 0.02cvss epss 0.22

    Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.

  • CVE-2003-0814Feb 3, 2004
    risk 0.02cvss epss 0.28

    Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross…

  • CVE-2003-0823Feb 3, 2004
    risk 0.02cvss epss 0.26

    Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027.

  • CVE-2003-1028Jan 20, 2004
    risk 0.02cvss epss 0.19

    The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as…

  • CVE-2003-0821Dec 15, 2003
    risk 0.02cvss epss 0.19

    Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.

  • CVE-2003-0820Dec 15, 2003
    risk 0.02cvss epss 0.26

    Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

  • CVE-2003-0660Nov 17, 2003
    risk 0.02cvss epss 0.23

    The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.

  • CVE-2003-0661Oct 20, 2003
    risk 0.02cvss epss 0.22

    The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information.

  • CVE-2003-0353Aug 27, 2003
    risk 0.02cvss epss 0.22

    Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.

  • CVE-2003-0531Aug 27, 2003
    risk 0.02cvss epss 0.27

    Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability.

  • CVE-2003-0530Aug 27, 2003
    risk 0.02cvss epss 0.30

    Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code.

  • CVE-2003-0532Aug 27, 2003
    risk 0.02cvss epss 0.23

    Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an…

  • CVE-2003-0507Aug 7, 2003
    risk 0.02cvss epss 0.27

    Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other…

  • CVE-2003-0348Jul 24, 2003
    risk 0.02cvss epss 0.20

    A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script.

  • CVE-2003-0233May 12, 2003
    risk 0.02cvss epss 0.19

    Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.

  • CVE-2003-0116May 12, 2003
    risk 0.02cvss epss 0.25

    Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target…

  • CVE-2003-0010Mar 24, 2003
    risk 0.02cvss epss 0.24

    Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that…

  • CVE-2002-1327Dec 26, 2002
    risk 0.02cvss epss 0.23

    Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise."

  • CVE-2002-1338Dec 18, 2002
    risk 0.02cvss epss 0.23

    The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exception when a specified file does not exist, which allows remote attackers to determine the existence of local files.

  • CVE-2002-1186Dec 11, 2002
    risk 0.02cvss epss 0.19

    Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka…

  • CVE-2002-1185Dec 11, 2002
    risk 0.02cvss epss 0.21

    Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka…

  • CVE-2002-1286Nov 29, 2002
    risk 0.02cvss epss 0.20

    The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious…

  • CVE-2002-1287Nov 29, 2002
    risk 0.02cvss epss 0.20

    Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass.

  • CVE-2002-1292Nov 29, 2002
    risk 0.02cvss epss 0.22

    The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by…

  • CVE-2002-0869Nov 12, 2002
    risk 0.02cvss epss 0.24

    Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege…

  • CVE-2001-1451Oct 22, 2002
    risk 0.02cvss epss 0.28

    Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests.

  • CVE-2002-0867Oct 11, 2002
    risk 0.02cvss epss 0.27

    Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."

  • CVE-2002-0863Oct 11, 2002
    risk 0.02cvss epss 0.24

    Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP…

  • CVE-2002-0865Oct 11, 2002
    risk 0.02cvss epss 0.20

    A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods…

  • CVE-2002-0727Sep 24, 2002
    risk 0.02cvss epss 0.19

    The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.

Page 233 of 286