CVE-2004-0894 – Microsoft Windows - Improper Token Validation Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0894
LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program. El Servicio del Subsistema de la Autoridad de Seguridad Local (LSASS) de Windows 2000 Server and Windows Server 2003 no valida adecuadamente la información de conexión, lo que permite a usuarios locales ganar privilegios mediante un programa especialmente diseñado. • https://www.exploit-db.com/exploits/749 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/18340 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1888 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3312 https://oval.cisecurity.org/repository/search/definition/ova •
CVE-2004-0571
https://notcve.org/view.php?id=CVE-2004-0571
Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. El Convertidor de Microsoft Word para Windows 6.0 no valida adecuadamente ciertas longitudes de datos, lo que permite a atacantes remotos ejecutar código arbitrario mediante ficheros .wri, .rtf y .doc enviado por correo electrónico o un sitio web malicioso, también conocida como "Vulnerabilidad de conversión de tabla". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-041 https://exchange.xforce.ibmcloud.com/vulnerabilities/18337 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1168 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1417 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1959 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1976 https://ov •
CVE-2004-1080 – Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045)
https://notcve.org/view.php?id=CVE-2004-1080
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." El servicio WINS (wins.exe) de Microsoft Windows NT Server 4.0, Windows 2000 Server y Windows Server 2003 permite a atacantes remotos escribir localizaciones de memoria arbitrarias y posiblemente ejecutar código arbitrario mediante un puntero de memoria modificado en un paquete de replicación WINS al puerto TCP 42. • https://www.exploit-db.com/exploits/909 https://www.exploit-db.com/exploits/16359 http://marc.info/?l=bugtraq&m=110150370506704&w=2 http://secunia.com/advisories/13328 http://securitytracker.com/id?1012516 http://support.microsoft.com/kb/890710 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.immunitysec.com/downloads/instantanea.pdf http://www.kb.cert.org/vuls/id/145134 http://www.osvdb.org/12378 http://www.securityfocus.com/bid/11763 http:// •
CVE-2004-0575 – GetRight 5.2a - '.grs' Skin File Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0575
Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation. Desbordamiento de enteros en DUNZIP32.DLL de Microsoft Windows XP, Windows XP edición de 64 bits, Windows Server 2003, y Windows Server 2003 edición de 64 bits permite a atacantes remotos ejecutar código de su elección mediante carpetas comprimidas ("zipeadas") que envuelven un "búfer no comprobado" y una validación de longitud inapropiada. • https://www.exploit-db.com/exploits/677 https://www.exploit-db.com/exploits/640 http://marc.info/?l=ntbugtraq&m=109767342326300&w=2 http://securitytracker.com/id?1011637 http://www.ciac.org/ciac/bulletins/p-010.shtml http://www.eeye.com/html/research/advisories/AD20041012A.html http://www.kb.cert.org/vuls/id/649374 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-034 https://exchange.xforce.ibmcloud.com/vulnerabilities/17624 https://exchange •
CVE-2004-0839
https://notcve.org/view.php?id=CVE-2004-0839
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". • http://marc.info/?l=bugtraq&m=109303291513335&w=2 http://marc.info/?l=bugtraq&m=109336221826652&w=2 http://seclists.org/lists/fulldisclosure/2004/Aug/0868.html http://www.kb.cert.org/vuls/id/526089 http://www.securityfocus.com/bid/10973 http://www.us-cert.gov/cas/techalerts/TA04-293A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 https://exchange.xforce.ibmcloud.com/vulnerabilities/17044 https://oval.cisecurity.org/repository/search •