Vendor CVEs
Microsoft
All CVEs
14,278 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-0985 | 0.02 | — | 0.20 | Dec 31, 2004 | Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that… | |||
| CVE-2004-1361 | 0.02 | — | 0.20 | Dec 23, 2004 | Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow. | |||
| CVE-2004-1319 | 0.02 | — | 0.26 | Dec 15, 2004 | The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using… | |||
| CVE-2004-0203 | 0.02 | — | 0.21 | Nov 23, 2004 | Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query. | |||
| CVE-2004-1331 | 0.02 | — | 0.19 | Nov 16, 2004 | The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command. | |||
| CVE-2004-0846 | 0.02 | — | 0.28 | Nov 3, 2004 | Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. | |||
| CVE-2004-0845 | 0.02 | — | 0.31 | Nov 3, 2004 | Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | |||
| CVE-2004-0840 | 0.02 | — | 0.30 | Nov 3, 2004 | The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a… | |||
| CVE-2004-0569 | 0.02 | — | 0.19 | Nov 3, 2004 | The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. | |||
| CVE-2004-0202 | 0.02 | — | 0.26 | Aug 6, 2004 | IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||
| CVE-2004-0199 | 0.02 | — | 0.26 | Jun 14, 2004 | Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm). | |||
| CVE-2004-0197 | 0.02 | — | 0.26 | Jun 1, 2004 | Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query. | |||
| CVE-2003-0906 | 0.02 | — | 0.25 | Jun 1, 2004 | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | |||
| CVE-2004-0117 | 0.02 | — | 0.26 | Jun 1, 2004 | Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | |||
| CVE-2004-0124 | 0.02 | — | 0.21 | Jun 1, 2004 | The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability." | |||
| CVE-2003-0907 | 0.02 | — | 0.22 | Jun 1, 2004 | Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe. | |||
| CVE-2003-0909 | 0.02 | — | 0.21 | Jun 1, 2004 | Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability." | |||
| CVE-2004-0123 | 0.02 | — | 0.30 | Jun 1, 2004 | Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||
| CVE-2004-0118 | 0.02 | — | 0.22 | Jun 1, 2004 | The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code. | |||
| CVE-2003-0905 | 0.02 | — | 0.26 | Apr 15, 2004 | Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets. | |||
| CVE-2004-0122 | 0.02 | — | 0.22 | Apr 15, 2004 | Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files. | |||
| CVE-2003-0814 | 0.02 | — | 0.28 | Feb 3, 2004 | Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross… | |||
| CVE-2003-0823 | 0.02 | — | 0.26 | Feb 3, 2004 | Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. | |||
| CVE-2003-1028 | 0.02 | — | 0.19 | Jan 20, 2004 | The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as… | |||
| CVE-2003-0821 | 0.02 | — | 0.19 | Dec 15, 2003 | Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | |||
| CVE-2003-0820 | 0.02 | — | 0.26 | Dec 15, 2003 | Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. | |||
| CVE-2003-0660 | 0.02 | — | 0.23 | Nov 17, 2003 | The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval. | |||
| CVE-2003-0661 | 0.02 | — | 0.22 | Oct 20, 2003 | The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information. | |||
| CVE-2003-0353 | 0.02 | — | 0.22 | Aug 27, 2003 | Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434. | |||
| CVE-2003-0531 | 0.02 | — | 0.27 | Aug 27, 2003 | Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability. | |||
| CVE-2003-0530 | 0.02 | — | 0.30 | Aug 27, 2003 | Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. | |||
| CVE-2003-0532 | 0.02 | — | 0.23 | Aug 27, 2003 | Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an… | |||
| CVE-2003-0507 | 0.02 | — | 0.27 | Aug 7, 2003 | Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other… | |||
| CVE-2003-0348 | 0.02 | — | 0.20 | Jul 24, 2003 | A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. | |||
| CVE-2003-0233 | 0.02 | — | 0.19 | May 12, 2003 | Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. | |||
| CVE-2003-0116 | 0.02 | — | 0.25 | May 12, 2003 | Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target… | |||
| CVE-2003-0010 | 0.02 | — | 0.24 | Mar 24, 2003 | Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that… | |||
| CVE-2002-1327 | 0.02 | — | 0.23 | Dec 26, 2002 | Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise." | |||
| CVE-2002-1338 | 0.02 | — | 0.23 | Dec 18, 2002 | The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exception when a specified file does not exist, which allows remote attackers to determine the existence of local files. | |||
| CVE-2002-1186 | 0.02 | — | 0.19 | Dec 11, 2002 | Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka… | |||
| CVE-2002-1185 | 0.02 | — | 0.21 | Dec 11, 2002 | Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka… | |||
| CVE-2002-1286 | 0.02 | — | 0.20 | Nov 29, 2002 | The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious… | |||
| CVE-2002-1287 | 0.02 | — | 0.20 | Nov 29, 2002 | Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass. | |||
| CVE-2002-1292 | 0.02 | — | 0.22 | Nov 29, 2002 | The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by… | |||
| CVE-2002-0869 | 0.02 | — | 0.24 | Nov 12, 2002 | Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege… | |||
| CVE-2001-1451 | 0.02 | — | 0.28 | Oct 22, 2002 | Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. | |||
| CVE-2002-0867 | 0.02 | — | 0.27 | Oct 11, 2002 | Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw." | |||
| CVE-2002-0863 | 0.02 | — | 0.24 | Oct 11, 2002 | Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP… | |||
| CVE-2002-0865 | 0.02 | — | 0.20 | Oct 11, 2002 | A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods… | |||
| CVE-2002-0727 | 0.02 | — | 0.19 | Sep 24, 2002 | The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method. |
- CVE-2004-0985Dec 31, 2004risk 0.02cvss —epss 0.20
Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that…
- CVE-2004-1361Dec 23, 2004risk 0.02cvss —epss 0.20
Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.
- CVE-2004-1319Dec 15, 2004risk 0.02cvss —epss 0.26
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using…
- CVE-2004-0203Nov 23, 2004risk 0.02cvss —epss 0.21
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
- CVE-2004-1331Nov 16, 2004risk 0.02cvss —epss 0.19
The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command.
- CVE-2004-0846Nov 3, 2004risk 0.02cvss —epss 0.28
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.
- CVE-2004-0845Nov 3, 2004risk 0.02cvss —epss 0.31
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site.
- CVE-2004-0840Nov 3, 2004risk 0.02cvss —epss 0.30
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a…
- CVE-2004-0569Nov 3, 2004risk 0.02cvss —epss 0.19
The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.
- CVE-2004-0202Aug 6, 2004risk 0.02cvss —epss 0.26
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2004-0199Jun 14, 2004risk 0.02cvss —epss 0.26
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).
- CVE-2004-0197Jun 1, 2004risk 0.02cvss —epss 0.26
Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query.
- CVE-2003-0906Jun 1, 2004risk 0.02cvss —epss 0.25
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
- CVE-2004-0117Jun 1, 2004risk 0.02cvss —epss 0.26
Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
- CVE-2004-0124Jun 1, 2004risk 0.02cvss —epss 0.21
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."
- CVE-2003-0907Jun 1, 2004risk 0.02cvss —epss 0.22
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
- CVE-2003-0909Jun 1, 2004risk 0.02cvss —epss 0.21
Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."
- CVE-2004-0123Jun 1, 2004risk 0.02cvss —epss 0.30
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
- CVE-2004-0118Jun 1, 2004risk 0.02cvss —epss 0.22
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
- CVE-2003-0905Apr 15, 2004risk 0.02cvss —epss 0.26
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets.
- CVE-2004-0122Apr 15, 2004risk 0.02cvss —epss 0.22
Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.
- CVE-2003-0814Feb 3, 2004risk 0.02cvss —epss 0.28
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross…
- CVE-2003-0823Feb 3, 2004risk 0.02cvss —epss 0.26
Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027.
- CVE-2003-1028Jan 20, 2004risk 0.02cvss —epss 0.19
The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as…
- CVE-2003-0821Dec 15, 2003risk 0.02cvss —epss 0.19
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
- CVE-2003-0820Dec 15, 2003risk 0.02cvss —epss 0.26
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
- CVE-2003-0660Nov 17, 2003risk 0.02cvss —epss 0.23
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.
- CVE-2003-0661Oct 20, 2003risk 0.02cvss —epss 0.22
The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information.
- CVE-2003-0353Aug 27, 2003risk 0.02cvss —epss 0.22
Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.
- CVE-2003-0531Aug 27, 2003risk 0.02cvss —epss 0.27
Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability.
- CVE-2003-0530Aug 27, 2003risk 0.02cvss —epss 0.30
Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code.
- CVE-2003-0532Aug 27, 2003risk 0.02cvss —epss 0.23
Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an…
- CVE-2003-0507Aug 7, 2003risk 0.02cvss —epss 0.27
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other…
- CVE-2003-0348Jul 24, 2003risk 0.02cvss —epss 0.20
A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script.
- CVE-2003-0233May 12, 2003risk 0.02cvss —epss 0.19
Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.
- CVE-2003-0116May 12, 2003risk 0.02cvss —epss 0.25
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target…
- CVE-2003-0010Mar 24, 2003risk 0.02cvss —epss 0.24
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that…
- CVE-2002-1327Dec 26, 2002risk 0.02cvss —epss 0.23
Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise."
- CVE-2002-1338Dec 18, 2002risk 0.02cvss —epss 0.23
The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exception when a specified file does not exist, which allows remote attackers to determine the existence of local files.
- CVE-2002-1186Dec 11, 2002risk 0.02cvss —epss 0.19
Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka…
- CVE-2002-1185Dec 11, 2002risk 0.02cvss —epss 0.21
Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka…
- CVE-2002-1286Nov 29, 2002risk 0.02cvss —epss 0.20
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious…
- CVE-2002-1287Nov 29, 2002risk 0.02cvss —epss 0.20
Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass.
- CVE-2002-1292Nov 29, 2002risk 0.02cvss —epss 0.22
The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by…
- CVE-2002-0869Nov 12, 2002risk 0.02cvss —epss 0.24
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege…
- CVE-2001-1451Oct 22, 2002risk 0.02cvss —epss 0.28
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests.
- CVE-2002-0867Oct 11, 2002risk 0.02cvss —epss 0.27
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."
- CVE-2002-0863Oct 11, 2002risk 0.02cvss —epss 0.24
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP…
- CVE-2002-0865Oct 11, 2002risk 0.02cvss —epss 0.20
A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods…
- CVE-2002-0727Sep 24, 2002risk 0.02cvss —epss 0.19
The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.
Page 233 of 286