CVSS: 7.5EPSS: 12%CPEs: 31EXPL: 2CVE-2006-3880 – Microsoft Windows XP/2000/2003 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3880
27 Jul 2006 — Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow remote attackers to cause a denial of service (IP stack hang) via a continuous stream of packets on TCP port 135 that have incorrect TCP header checksums and random numbers in certain TCP header fields, as demonstrated by the Achilles Windows Attack Tool. NOTE: the researcher reports that the Microsoft Security Response Center has stated "Our investigation which has included code review, review of the TCPDump, a... • https://www.exploit-db.com/exploits/28263 •
CVSS: 8.4EPSS: 76%CPEs: 9EXPL: 1CVE-2006-1314 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
https://notcve.org/view.php?id=CVE-2006-1314
11 Jul 2006 — Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages. Desbordamiento de búfer basado en montículo en Server Service (SRV.SYS driver) de Microsoft Windows 2000 SP4, XP SP1 y SP2, Server de 2003 a SP1 y otros productos, pe... • https://www.exploit-db.com/exploits/2057 •
CVSS: 8.8EPSS: 25%CPEs: 55EXPL: 1CVE-2006-3351
https://notcve.org/view.php?id=CVE-2006-3351
06 Jul 2006 — Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. Desbordamiento de buffer en el Explorador de Windows (explorer.exe) de Windows XP y 2003. Permite a usuarios remotos con ayuda del usuario causar una denegación de servicio (indisponibilidad repetida de la aplicación... • http://securityreason.com/securityalert/1186 •
CVSS: 9.8EPSS: 79%CPEs: 29EXPL: 4CVE-2006-2370 – Microsoft RRAS Service - RASMAN Registry Overflow (MS06-025)
https://notcve.org/view.php?id=CVE-2006-2370
13 Jun 2006 — Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/16375 •
CVSS: 9.8EPSS: 44%CPEs: 29EXPL: 0CVE-2006-2371
https://notcve.org/view.php?id=CVE-2006-2371
13 Jun 2006 — Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." • http://secunia.com/advisories/20630 •
CVSS: 7.8EPSS: 60%CPEs: 32EXPL: 0CVE-2006-2378
https://notcve.org/view.php?id=CVE-2006-2378
13 Jun 2006 — Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. • http://secunia.com/advisories/20605 •
CVSS: 9.8EPSS: 67%CPEs: 59EXPL: 1CVE-2006-2379 – Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2379
13 Jun 2006 — Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. • https://www.exploit-db.com/exploits/1967 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 56%CPEs: 32EXPL: 0CVE-2006-1313
https://notcve.org/view.php?id=CVE-2006-1313
13 Jun 2006 — Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. • http://secunia.com/advisories/20620 •
CVSS: 8.4EPSS: 52%CPEs: 62EXPL: 0CVE-2006-0034
https://notcve.org/view.php?id=CVE-2006-0034
09 May 2006 — Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. • http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 33%CPEs: 62EXPL: 0CVE-2006-1184
https://notcve.org/view.php?id=CVE-2006-1184
09 May 2006 — Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119. • http://secunia.com/advisories/20000 •