CVSS: 9.3EPSS: 57%CPEs: 15EXPL: 0CVE-2009-1545
https://notcve.org/view.php?id=CVE-2009-1545
12 Aug 2009 — Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka "Malformed AVI Header Vulnerability." Vulnerabilidad no especificada en la biblioteca Avifil32.dll en la funcionalidad de manejo de archivos de Windows Media en Microsoft Windows 2000 SP4, XP SP2 y SP3,... • http://secunia.com/advisories/36206 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.5EPSS: 63%CPEs: 15EXPL: 0CVE-2009-1546
https://notcve.org/view.php?id=CVE-2009-1546
12 Aug 2009 — Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability." Un desbordamiento de enteros en la biblioteca Avifil32.dll en la funcionalidad de manejo de archivos de Win... • http://osvdb.org/56909 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 67%CPEs: 15EXPL: 0CVE-2009-1929
https://notcve.org/view.php?id=CVE-2009-1929
12 Aug 2009 — Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability." Desbordamiento de búfer basado en pila en el control Microsoft Terminal Services Client ActiveX cuando se corre RDP v6.1 en Windows XP SP2,... • http://osvdb.org/56912 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 46%CPEs: 18EXPL: 0CVE-2009-1930
https://notcve.org/view.php?id=CVE-2009-1930
12 Aug 2009 — The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection Vulnerability," a related issue to CVE-2000-0834. El servicio Telnet en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 Gold y SP2 permite a los servidores Telnet r... • http://osvdb.org/56904 • CWE-255: Credentials Management Errors •
CVSS: 7.8EPSS: 4%CPEs: 12EXPL: 0CVE-2009-1123 – Microsoft Windows Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2009-1123
10 Jun 2009 — The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability." El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2 no valida adecuadamente los cambios en objetos del kernel no especificados, lo que permite a u... • http://osvdb.org/54940 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2009-1124
https://notcve.org/view.php?id=CVE-2009-1124
10 Jun 2009 — The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate user-mode pointers in unspecified error conditions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Pointer Validation Vulnerability." El Kernel en Microsoft Windows 2000 SP4, XP SP2 y XP SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2 no validan de forma apropiada los punteros en modo usuario, bajo cond... • http://osvdb.org/54941 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2009-1125
https://notcve.org/view.php?id=CVE-2009-1125
10 Jun 2009 — The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application, aka "Windows Driver Class Registration Vulnerability." The kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2, no valida adecuadamente un argumento de una llamada de sistema inespecífica, lo... • http://osvdb.org/54942 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2009-1126
https://notcve.org/view.php?id=CVE-2009-1126
10 Jun 2009 — The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate the user-mode input associated with the editing of an unspecified desktop parameter, which allows local users to gain privileges via a crafted application, aka "Windows Desktop Parameter Edit Vulnerability." El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, y Server 2003 SP2, no valida adecuadamente la entrada "user-mode" asociada con la edición de un parámetro de escritorio no especificados lo que ... • http://osvdb.org/54943 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 2%CPEs: 17EXPL: 1CVE-2009-0229
https://notcve.org/view.php?id=CVE-2009-0229
10 Jun 2009 — The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability." Servicio de impresión de Windows en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1 y SP2, y Server 2008 SP2 permite a usuarios locales leer archivos arbitrarios a través de un separador de página elaborado, alias "Vulnerabilida... • https://github.com/zveriu/CVE-2009-0229-PoC • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 57%CPEs: 46EXPL: 0CVE-2009-1529 – Microsoft Internet Explorer setCapture Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1529
10 Jun 2009 — Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling the setCapture method on a collection of crafted objects, aka "Uninitialized Memory Corruption Vulnerability." Microsoft Internet Explorer 7 para Windows XP SP2 y SP3; 7 para Server 2003 SP2; 7 para Vista Gold, SP1 y SP2; y 7 para Server 2008 SP2, no maneja apro... • http://osvdb.org/54948 • CWE-399: Resource Management Errors CWE-908: Use of Uninitialized Resource •