CVSS: 7.2EPSS: 0%CPEs: 21EXPL: 1CVE-2005-0047 – Microsoft Windows - COM Structured Storage Local (MS05-012)
https://notcve.org/view.php?id=CVE-2005-0047
Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability." • https://www.exploit-db.com/exploits/1019 http://marc.info/?l=bugtraq&m=111755870828817&w=2 http://www.argeniss.com/research/SSExploit.c http://www.kb.cert.org/vuls/id/597889 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 https://exchange.xforce.ibmcloud.com/vulnerabilities/19105 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159 https://oval.cisecurity& •
CVSS: 7.5EPSS: 87%CPEs: 35EXPL: 2CVE-2005-0053 – Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038)
https://notcve.org/view.php?id=CVE-2005-0053
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." Internet Explorer 5.01, 5.5 y 6 permite a los atacantes remotos ejecutar código arbitrario mediante eventos de arrastrar y soltar, también conocidos como "Vulnerabilidad de arrastrar y soltar". • https://www.exploit-db.com/exploits/24693 http://www.kb.cert.org/vuls/id/698835 http://www.securityfocus.com/bid/11466 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/19117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015 https&# •
CVSS: 5.1EPSS: 29%CPEs: 58EXPL: 3CVE-2004-1306 – Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow
https://notcve.org/view.php?id=CVE-2004-1306
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. El desbordamiento de búfer basado en memoria dinámica (heap) en winhlp32.exe en Windows NT, Windows 2000 a SP4, Windows XP a SP2 y Windows 2003 permite a los atacantes remotos ejecutar código arbitrario a través de un archivo.hlp diseñado. • https://www.exploit-db.com/exploits/25049 http://marc.info/?l=bugtraq&m=110383690219440&w=2 http://www.securityfocus.com/bid/12092 http://www.xfocus.net/flashsky/icoExp https://exchange.xforce.ibmcloud.com/vulnerabilities/18678 •
CVSS: 7.5EPSS: 90%CPEs: 6EXPL: 1CVE-2004-0567 – Microsoft Windows Server 2000 - WINS Remote Code Execution
https://notcve.org/view.php?id=CVE-2004-0567
The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." • https://www.exploit-db.com/exploits/733 http://secunia.com/advisories/13466 http://securitytracker.com/id?1012517 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.kb.cert.org/vuls/id/378160 http://www.osvdb.org/12370 http://www.securityfocus.com/bid/11922 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 •
CVSS: 5.0EPSS: 19%CPEs: 67EXPL: 1CVE-2004-1305 – Microsoft Windows Kernel - '.ANI' File Parsing Crash
https://notcve.org/view.php?id=CVE-2004-1305
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. • https://www.exploit-db.com/exploits/721 http://marc.info/?l=bugtraq&m=110382854111833&w=2 http://www.kb.cert.org/vuls/id/177584 http://www.kb.cert.org/vuls/id/697136 http://www.us-cert.gov/cas/techalerts/TA05-012A.html http://www.xfocus.net/flashsky/icoExp https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/18667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.o •