CVSS: 7.8EPSS: 0%CPEs: 45EXPL: 0CVE-2011-1229
https://notcve.org/view.php?id=CVE-2011-1229
13 Apr 2011 — win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." Vulneravilidad de desreferencia a puntero nulo en win32k.sys en el... • http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 34%CPEs: 1EXPL: 2CVE-2008-2959 – Visual Basic Enterprise Edition SP6 - 'vb6skit.dll' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-2959
02 Jul 2008 — Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function. Desbordamiento de búfer en un determinado control ActiveX (vb6skit.dll) de Microsoft Visual Basic Enterprise Edition 6.0 SP6 puede permitir a atacantes remotos ejecutar código de su elección a través de un argumento lpstrLinkPath largo de la función fCreateShellLink. • https://www.exploit-db.com/exploits/5851 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •