
CVE-2012-0002 – Microsoft Remote Desktop Protocol Channel Abort Condition Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0002
13 Mar 2012 — The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, aka "Remote Desktop Protocol Vulnerability." • https://packetstorm.news/files/id/180945 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2011-2005 – Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2011-2005
12 Oct 2011 — afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." • https://www.exploit-db.com/exploits/21844 •

CVE-2011-1974 – Microsoft Windows (x86) - 'NDISTAPI' Local Privilege Escalation (MS11-062)
https://notcve.org/view.php?id=CVE-2011-1974
10 Aug 2011 — NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability." • https://packetstorm.news/files/id/139317 • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2011-2602
https://notcve.org/view.php?id=CVE-2011-2602
30 Jun 2011 — The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK. • http://www.contextis.com/resources/blog/webgl • CWE-399: Resource Management Errors •

CVE-2011-2604
https://notcve.org/view.php?id=CVE-2011-2604
30 Jun 2011 — The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK. • http://www.contextis.com/resources/blog/webgl • CWE-399: Resource Management Errors •

CVE-2011-1249 – Microsoft Windows - 'afd.sys' Local Kernel (PoC) (MS11-046)
https://notcve.org/view.php?id=CVE-2011-1249
16 Jun 2011 — The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." • https://packetstorm.news/files/id/139196 • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2011-1237
https://notcve.org/view.php?id=CVE-2011-1237
13 Apr 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerabil... • https://github.com/BrunoPujos/CVE-2011-1237 • CWE-399: Resource Management Errors •

CVE-2010-4238 – kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
https://notcve.org/view.php?id=CVE-2010-4238
22 Jan 2011 — The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. • http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517 • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2010-4398 – Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2010-4398
03 Dec 2010 — Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability." • http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac • CWE-787: Out-of-bounds Write •

CVE-2010-2739 – Microsoft Windows - 'win32k.sys' Driver 'CreateDIBPalette()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-2739
07 Sep 2010 — Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors. • https://www.exploit-db.com/exploits/14566 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •