CVSS: 10.0EPSS: 49%CPEs: 22EXPL: 0CVE-2004-0978
https://notcve.org/view.php?id=CVE-2004-0978
21 Oct 2004 — Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter. • http://marc.info/?l=bugtraq&m=110616221411579&w=2 • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 23%CPEs: 1EXPL: 0CVE-2004-0569
https://notcve.org/view.php?id=CVE-2004-0569
16 Oct 2004 — The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. La librería de tiempo de ejecución RPC de Microsoft Windows NT 4.0 permite a atacantes remotos leer la memoria activa o causar una denegación de servicio (caída del sistema) mediante un mensaje malicioso, posiblemente relacionado con valores de longitud inapropiados. • http://marc.info/?l=bugtraq&m=109769394209518&w=2 •
CVSS: 10.0EPSS: 85%CPEs: 5EXPL: 1CVE-2004-0574 – Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)
https://notcve.org/view.php?id=CVE-2004-0574
16 Oct 2004 — The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. El componente de Protocolo de Transferencia de Noticias de Red (NNTP) de Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Se... • https://www.exploit-db.com/exploits/578 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 80%CPEs: 5EXPL: 2CVE-2004-0206 – Microsoft NetDDE Service - Remote Overflow (MS04-031)
https://notcve.org/view.php?id=CVE-2004-0206
16 Oct 2004 — Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow. Los servicios Network Dynamic Data Exchange (NetDDE) de Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 permiten a atacantes ejecutar código de su el... • https://www.exploit-db.com/exploits/16371 •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2004-0207
https://notcve.org/view.php?id=CVE-2004-0207
16 Oct 2004 — "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions. Vulnerabilidad de estilo "hacer añicos" en la interfaz de programación de aplicación (API) de Administración de Windows en Microsoft Windows 98, Windows... • http://marc.info/?l=bugtraq&m=109777417922695&w=2 •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0CVE-2004-0208
https://notcve.org/view.php?id=CVE-2004-0208
16 Oct 2004 — The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. El subsistema de Máquina Virtual DOS de Microsoft Windows NT 4.0, Windows 2000, Windows XP, y Windows Server 2003 permite a usuarios locales acceder a memoria del kernel y ganar privilegi... • http://marc.info/?l=bugtraq&m=109772135404427&w=2 •
CVSS: 10.0EPSS: 53%CPEs: 18EXPL: 0CVE-2003-1048
https://notcve.org/view.php?id=CVE-2003-1048
21 Jul 2004 — Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. mshtml.dll de ciertas versiones de Internet Explorer 6.x permite a atacantes remotos causar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código arbitrario mediante una imagen GIF malformada que dispara un desbordamiento de búfer. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009445.html • CWE-415: Double Free •
CVSS: 10.0EPSS: 38%CPEs: 54EXPL: 0CVE-2004-0201
https://notcve.org/view.php?id=CVE-2004-0201
14 Jul 2004 — Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. Vulnerabilidad basada en el montón en el programa HtmlHelp (hh.exe) en ayuda HTML de Microsoft Windows 98, Me, NT, 4.0, 2000, XP y Server 2003 permite a atacantes remotos ejecutar órdenes de su elección mediante un fichero .CHML con... • http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023919.html •
CVSS: 7.8EPSS: 10%CPEs: 9EXPL: 1CVE-2004-0210 – Microsoft Windows Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2004-0210
14 Jul 2004 — The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow. El componente POSIX de Microsoft Windows NT y Windows 2000 permite a usuarios locales ejecutar código de su elección mediante ciertos parámetros, posiblemente modificando valores de tamaño de mensaje y causando un desbordamiento de búfer. A privilege elevation vulnerability exists in the POSIX subsystem. T... • https://www.exploit-db.com/exploits/24277 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 78%CPEs: 18EXPL: 2CVE-2004-0212 – Microsoft Windows Task Scheduler (XP/2000) - '.job' (MS04-022)
https://notcve.org/view.php?id=CVE-2004-0212
14 Jul 2004 — Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share. Vulnerabilidad basada en la pila en el Programador de Tareas de Windows 2000 y XP, e Internet Explorer 6 en Windows NT 4.0 permite a atacantes remotos o locales ejecutar código de su elección mediante u... • https://www.exploit-db.com/exploits/353 •