Microsoft

All CVEs

14,175 total · sorted by risk
  • CVE-2006-5585 · Dec 13, 2006
    risk 0.00 · cvss · epss 0.02

    The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."

  • CVE-2006-6265 · Dec 4, 2006
    risk 0.00 · cvss · epss 0.04

    Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound connection without the guessing required to find a port mapping for a traditional restricted NAT client, by (1) using the client port number contained in the Teredo address or…

  • CVE-2006-5913 · Nov 15, 2006
    risk 0.00 · cvss · epss 0.05

    Microsoft Internet Explorer 7 allows remote attackers to (1) cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/sslnavcancel.htm with the target site in the anchor identifier, which displays the site's URL in the address bar but…

  • CVE-2006-5805 · Nov 8, 2006
    risk 0.00 · cvss · epss 0.06

    Microsoft Internet Explorer 7 allows remote attackers to cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/invalidcert.htm with the target site as an argument, which displays the site's URL in the address bar but causes…

  • CVE-2006-3443 · Aug 9, 2006
    risk 0.00 · cvss · epss 0.02

    Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability."

  • CVE-2006-3209 · Jun 24, 2006
    risk 0.00 · cvss · epss 0.02

    The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permissions, which allows local users to gain privileges. NOTE: this issue has been disputed by third parties, who state that the Task scheduler is limited to the Administrators group…

  • CVE-2006-1475 · Mar 29, 2006
    risk 0.00 · cvss · epss 0.02

    Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application is executed using the NTFS Alternate Data Streams (ADS) filename:stream syntax, which might allow local users to launch a Trojan horse attack in which the victim does not obtain…

  • CVE-2006-1476 · Mar 29, 2006
    risk 0.00 · cvss · epss 0.04

    Windows Firewall in Microsoft Windows XP SP2 produces incorrect application block alerts when the application filename is ".exe" (with no characters before the "."), which might allow local user-assisted users to trick a user into unblocking a Trojan horse program, as…

  • CVE-2006-0008 · Feb 14, 2006
    risk 0.00 · cvss · epss 0.02

    The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License…

  • CVE-2006-0023 · Feb 8, 2006
    risk 0.00 · cvss · epss 0.01

    Microsoft Windows XP SP1 and SP2 before August 2004, and possibly other operating systems and versions, uses insecure default ACLs that allow the Authenticated Users group to gain privileges by modifying critical configuration information for the (1) Simple Service Discovery…

  • CVE-2006-0488 · Feb 1, 2006
    risk 0.00 · cvss · epss 0.02

    The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm.

  • CVE-2006-0363 · Jan 22, 2006
    risk 0.00 · cvss · epss 0.03

    The "Remember my Password" feature in MSN Messenger 7.5 stores passwords in an encrypted format under the HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds registry key, which might allow local users to obtain the original passwords via a program that calls…

  • CVE-2005-4697 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.02

    The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll.

  • CVE-2005-3240 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.06

    Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag…

  • CVE-2005-4269 · Dec 15, 2005
    risk 0.00 · cvss · epss 0.05

    mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer 6.0 SP1 allows attackers to cause a denial of service (access violation) by causing mshtml.dll to process button-focus events at the same time that a document is reloading, as seen in Microsoft Office…

  • CVE-2005-2940 · Nov 18, 2005
    risk 0.00 · cvss · epss 0.02

    Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 (Beta 1) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs (1) GIANTAntiSpywareMain.exe, (2) gcASNotice.exe, (3) gcasServ.exe, (4)…

  • CVE-2005-3174 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.01

    Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long.

  • CVE-2005-3175 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.01

    Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local administrator to unlock a computer even if it has been locked by a domain administrator, which allows the local administrator to access the session as the domain administrator.

  • CVE-2005-3168 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.04

    The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions…

  • CVE-2005-3176 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.04

    Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.

  • CVE-2005-3177 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.01

    CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain…

  • CVE-2005-3173 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.01

    Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply group policies if the user logs on using UPN credentials with a trailing dot, which prevents Windows 2000 from finding the correct domain controller and could allow the user to bypass intended restrictions.

  • CVE-2005-3172 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.05

    The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable…

  • CVE-2005-3169 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.03

    Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to…

  • CVE-2005-3171 · Oct 6, 2005
    risk 0.00 · cvss · epss 0.01

    Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID 1704 to indicate that Group Policy security settings were successfully updated, even when the processing fails such as when Ntuser.pol cannot be accessed, which could cause system administrators to believe…

  • CVE-2005-2935 · Sep 15, 2005
    risk 0.00 · cvss · epss 0.02

    Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to execute gsasDtServ.exe. NOTE: it is not clear whether this overlaps…

  • CVE-2005-2765 · Sep 1, 2005
    risk 0.00 · cvss · epss 0.01

    The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor…

  • CVE-2005-1982 · Aug 10, 2005
    risk 0.00 · cvss · epss 0.02

    Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card…

  • CVE-2005-2388 · Jul 27, 2005
    risk 0.00 · cvss · epss 0.02

    Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

  • CVE-2005-2143 · Jul 5, 2005
    risk 0.00 · cvss · epss 0.04

    Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.

  • CVE-2005-1791 · May 28, 2005
    risk 0.00 · cvss · epss 0.04

    Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the user attempts to add a URI to the restricted zone, in which the full domain name of the URI begins with numeric sequences similar to an IP address. NOTE: if there is not an exploit scenario in which an attacker…

  • CVE-2005-1574 · May 14, 2005
    risk 0.00 · cvss · epss 0.05

    Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled.

  • CVE-2005-0820 · May 2, 2005
    risk 0.00 · cvss · epss 0.01

    Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name.

  • CVE-2005-0738 · May 2, 2005
    risk 0.00 · cvss · epss 0.05

    Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or moving a folder with deeply nested subfolders, which causes Microsoft Exchange Information Store service (Store.exe) to hang as a result of a…

  • CVE-2005-0921 · May 2, 2005
    risk 0.00 · cvss · epss 0.01

    Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy.

  • CVE-2005-0060 · May 2, 2005
    risk 0.00 · cvss · epss 0.02

    Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.

  • CVE-2005-0550 · May 2, 2005
    risk 0.00 · cvss · epss 0.02

    Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".

  • CVE-2005-0545 · May 2, 2005
    risk 0.00 · cvss · epss 0.02

    Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. NOTE: this…

  • CVE-2005-0061 · May 2, 2005
    risk 0.00 · cvss · epss 0.02

    The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests.

  • CVE-2004-0893 · Jan 10, 2005
    risk 0.00 · cvss · epss 0.02

    The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel…

  • CVE-2004-2527 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.02

    The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to…

  • CVE-2004-1527 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.01

    Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows…

  • CVE-2004-2382 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.02

    The PerfectNav plugin for Microsoft Internet Explorer allows remote attackers to cause a denial of service (browser crash) via a malformed URL such as "?".

  • CVE-2004-2290 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.03

    Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder.

  • CVE-2004-1198 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.02

    Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.

  • CVE-2004-2704 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.05

    Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link,…

  • CVE-2004-2147 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.01

    Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body.

  • CVE-2004-2365 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.02

    Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.

  • CVE-2004-0979 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.04

    Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration.

  • CVE-2004-2730 · Dec 31, 2004
    risk 0.00 · cvss · epss 0.02

    Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and…
