CVSS: 9.8EPSS: 56%CPEs: 32EXPL: 0CVE-2006-1313
https://notcve.org/view.php?id=CVE-2006-1313
13 Jun 2006 — Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. • http://secunia.com/advisories/20620 •
CVSS: 8.4EPSS: 52%CPEs: 62EXPL: 0CVE-2006-0034
https://notcve.org/view.php?id=CVE-2006-0034
09 May 2006 — Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. • http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 33%CPEs: 62EXPL: 0CVE-2006-1184
https://notcve.org/view.php?id=CVE-2006-1184
09 May 2006 — Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119. • http://secunia.com/advisories/20000 •
CVSS: 9.8EPSS: 51%CPEs: 30EXPL: 0CVE-2006-0012
https://notcve.org/view.php?id=CVE-2006-0012
12 Apr 2006 — Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." • http://secunia.com/advisories/19606 •
CVSS: 7.8EPSS: 29%CPEs: 52EXPL: 2CVE-2006-1591
https://notcve.org/view.php?id=CVE-2006-1591
03 Apr 2006 — Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. desbordamiento de búfer basado en memoria dinámica (heap) en Microsoft Windows Help winhlp32.exe permite a los atacantes asistidos por el usuario ejecutar código arbitrario a través de datos de imagen incrustados creados en un archivo .hlp. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html •
CVSS: 9.3EPSS: 71%CPEs: 45EXPL: 3CVE-2006-0005 – Microsoft Windows Media Player - Plugin Overflow (MS06-006)
https://notcve.org/view.php?id=CVE-2006-0005
14 Feb 2006 — Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute. • https://www.exploit-db.com/exploits/1520 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2006-0008
https://notcve.org/view.php?id=CVE-2006-0008
14 Feb 2006 — The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. • http://secunia.com/advisories/18859 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 65%CPEs: 18EXPL: 0CVE-2006-0013
https://notcve.org/view.php?id=CVE-2006-0013
14 Feb 2006 — Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207. • http://secunia.com/advisories/18857 •
CVSS: 7.8EPSS: 65%CPEs: 24EXPL: 2CVE-2006-0021 – Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007)
https://notcve.org/view.php?id=CVE-2006-0021
14 Feb 2006 — Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability." • https://www.exploit-db.com/exploits/1599 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 67%CPEs: 86EXPL: 0CVE-2006-0010
https://notcve.org/view.php?id=CVE-2006-0010
10 Jan 2006 — Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Desbordamiento de búfer basado en memoria dinámica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versión SP1, Windows 98 y Windows ME permite a atacant... • http://seclists.org/fulldisclosure/2006/Jan/363 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •