
CVSS: 7.2 • EPSS: 0% • CPEs: 25 • EXPL: 0

The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. • http://secunia.com/advisories/18859 http://securitytracker.com/id?1015631 http://www.kb.cert.org/vuls/id/739844 http://www.ryanstyle.com/alert/my/5/ms06_009_eng.html http://www.securityfocus.com/archive/1/425141/100/0/threaded http://www.securityfocus.com/bid/16643 http://www.vupen.com/english/advisories/2006/0578 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/24492 https://oval.cisec • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5 • EPSS: 93% • CPEs: 16 • EXPL: 0

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. • http://secunia.com/advisories/18368 http://securityreason.com/securityalert/330 http://securityreason.com/securityalert/331 http://securitytracker.com/id?1015460 http://securitytracker.com/id?1015461 http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm http://www.kb.cert.org/vuls/id/252146 http://www.securityfocus.com/archive/1/421518/100/0/threaded http://www.securityfocus.com/archive/1/421520/100/0/threaded http://www.securityfocus.com/bid/16197 http://www.us- •

CVSS: 7.5 • EPSS: 87% • CPEs: 2 • EXPL: 1

Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port. • https://www.exploit-db.com/exploits/947 http://marc.info/?l=bugtraq&m=111393947713420&w=2 http://secunia.com/advisories/14920 http://www.kb.cert.org/vuls/id/275193 http://www.osvdb.org/displayvuln.php?osvdb_id=15467 http://www.us-cert.gov/cas/techalerts/TA05-102A.html http://xforce.iss.net/xforce/alerts/id/193 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.o • CWE-787: Out-of-bounds Write •

CVSS: 5.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or moving a folder with deeply nested subfolders, which causes Microsoft Exchange Information Store service (Store.exe) to hang as a result of a large number of recursive calls. • http://secunia.com/advisories/14543 http://support.microsoft.com/?kbid=891504 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.8 • EPSS: 97% • CPEs: 2 • EXPL: 3

Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application. • https://www.exploit-db.com/exploits/25084 http://seclists.org/lists/fulldisclosure/2005/Feb/0106.html http://secunia.com/advisories/14144 http://www.securityfocus.com/bid/12459 http://www.vupen.com/english/advisories/2005/0105 https://exchange.xforce.ibmcloud.com/vulnerabilities/19225 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •