Page 13 of 86 results (0.004 seconds)

CVSS: 2.6EPSS: 19%CPEs: 5EXPL: 3

CVE-2006-4071 – Microsoft Windows Explorer - '.WMF' CreateBrushIndirect Denial of Service

https://notcve.org/view.php?id=CVE-2006-4071

Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service (application crash) via a crafted WMF file. Vulnerabilidad de extensión de signo en la función createBrushIndirect en la librería GDI (gdi32.dll) en Microsoft Windows XP, Server 2003, y posiblemente otras versiones, permite a atacantes con asistencia del usuario causar una denegación de servicio (caída de aplicación) mediante un fichero WMF artesanal. • https://www.exploit-db.com/exploits/3111 http://determina.blogspot.com/2007/01/whats-wrong-with-wmf.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048530.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048547.html http://secunia.com/advisories/21377 http://securityreason.com/securityalert/1353 http://www.securityfocus.com/archive/1/442420/100/0/threaded http://www.securityfocus.com/archive/1/442426/100/0/threaded http://www.securityfocus •

CVSS: 10.0EPSS: 80%CPEs: 7EXPL: 1

CVE-2006-3440 – Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)

https://notcve.org/view.php?id=CVE-2006-3440

Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability." Desbordamiento de búfer en Winsock API en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a atacantes remotos ejecutar código de su elección a tavés de vectores desconocidos, tambien conocido cómo "Vulnerabilidad Winsock Hostname". • https://www.exploit-db.com/exploits/2900 http://secunia.com/advisories/21394 http://securitytracker.com/id?1016653 http://www.kb.cert.org/vuls/id/908276 http://www.securityfocus.com/bid/19319 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3211 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A747 •

CVSS: 10.0EPSS: 93%CPEs: 7EXPL: 1

CVE-2006-3441 – Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)

https://notcve.org/view.php?id=CVE-2006-3441

Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records. Desbordamiento de búger en el servicio Client DNS en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a un atacante remoto ejecutar código de su elección a través de respuestas de registro manipulada. NOTA: Mientras MS06-041 implica que hay un solo asunto, hay múltiples vulnerabilidades, relacionados con (1) desbordamiento de búfer basado en pila en un respuesta de servidor DNS al cliente, (2) un respuesta de servidor DNS con registros ATMA mal formados, y (3)un gran pérdida de cálculo en los registros TXT, HINFO, X25, e ISDN. • https://www.exploit-db.com/exploits/2900 http://secunia.com/advisories/21394 http://securitytracker.com/id?1016653 http://www.kb.cert.org/vuls/id/794580 http://www.osvdb.org/27844 http://www.securityfocus.com/bid/19404 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3211 http://xforce.iss.net/xforce/alerts/id/233 http://xforce.iss.net/xforce/alerts/id/234 http://xforce.iss.net/xforce/alerts/id/235&# •

CVSS: 7.6EPSS: 23%CPEs: 5EXPL: 0

CVE-2006-3648

https://notcve.org/view.php?id=CVE-2006-3648

Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception." Vulnerabilidad no especificada en Microsoft Windows 2000 SP4, XP SP1 y SP2, Server 2003 y 2003 SP1, permite a atacantes remotos ejecutar código de su elección a través de vectores que afectan a excepciones no controladas, aplicaciones de memoria residente, y incorrectamente "excepción de descarga encadenada". • http://securitytracker.com/id?1016661 http://www.kb.cert.org/vuls/id/411516 http://www.securityfocus.com/bid/19384 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3216 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A841 •

CVSS: 10.0EPSS: 96%CPEs: 9EXPL: 5

CVE-2006-3439 – Microsoft Server Service - NetpwPathCanonicalize Overflow (MS06-040)

https://notcve.org/view.php?id=CVE-2006-3439

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314. Desbordamiento de búfer en Server Service en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a un atacante remoto, incluidos usuario anónimos, ejecutar código de su elección a través de mensajes RPC manipulados, una vulnerabilidad diferente que CVE-2006-1314. • https://www.exploit-db.com/exploits/16367 https://www.exploit-db.com/exploits/2223 https://www.exploit-db.com/exploits/2265 https://www.exploit-db.com/exploits/2162 https://www.exploit-db.com/exploits/2355 http://secunia.com/advisories/21388 http://securitytracker.com/id?1016667 http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html http://www.dhs.gov/dhspublic/display?content=5789 http://www.kb.cert.org/vuls/id/650769 http:/&#x •