CVSS: 9.8EPSS: 67%CPEs: 59EXPL: 1CVE-2006-2379 – Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2379
13 Jun 2006 — Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. • https://www.exploit-db.com/exploits/1967 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 56%CPEs: 32EXPL: 0CVE-2006-1313
https://notcve.org/view.php?id=CVE-2006-1313
13 Jun 2006 — Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. • http://secunia.com/advisories/20620 •
CVSS: 9.8EPSS: 51%CPEs: 30EXPL: 0CVE-2006-0012
https://notcve.org/view.php?id=CVE-2006-0012
12 Apr 2006 — Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." • http://secunia.com/advisories/19606 •
CVSS: 9.3EPSS: 71%CPEs: 45EXPL: 3CVE-2006-0005 – Microsoft Windows Media Player - Plugin Overflow (MS06-006)
https://notcve.org/view.php?id=CVE-2006-0005
14 Feb 2006 — Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute. • https://www.exploit-db.com/exploits/1520 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2006-0008
https://notcve.org/view.php?id=CVE-2006-0008
14 Feb 2006 — The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. • http://secunia.com/advisories/18859 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 65%CPEs: 18EXPL: 0CVE-2006-0013
https://notcve.org/view.php?id=CVE-2006-0013
14 Feb 2006 — Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207. • http://secunia.com/advisories/18857 •
CVSS: 7.8EPSS: 65%CPEs: 24EXPL: 2CVE-2006-0021 – Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007)
https://notcve.org/view.php?id=CVE-2006-0021
14 Feb 2006 — Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability." • https://www.exploit-db.com/exploits/1599 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 67%CPEs: 86EXPL: 0CVE-2006-0010
https://notcve.org/view.php?id=CVE-2006-0010
10 Jan 2006 — Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Desbordamiento de búfer basado en memoria dinámica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versión SP1, Windows 98 y Windows ME permite a atacant... • http://seclists.org/fulldisclosure/2006/Jan/363 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 75%CPEs: 30EXPL: 2CVE-2006-0143 – Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-0143
09 Jan 2006 — Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. • https://www.exploit-db.com/exploits/27051 • CWE-399: Resource Management Errors •
CVSS: 6.2EPSS: 60%CPEs: 24EXPL: 1CVE-2005-1218 – Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service
https://notcve.org/view.php?id=CVE-2005-1218
10 Aug 2005 — The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. • https://www.exploit-db.com/exploits/1143 •