CVSS: 10.0EPSS: 91%CPEs: 16EXPL: 0CVE-2009-2494 – VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-2494
The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability." La librería Active Template (ATL) en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 Gold y SP2 permite a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con operaciones libres erróneas posteriormente a la lectura de una variante desde un stream y el borrado de esta variante, también conocido como "Vulnerabilidad de mal emparejamiento de tipo de objeto ATL". • http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx http://osvdb.org/56910 http://secunia.com/advisories/36187 http://www.securityfocus.com/bid/35982 http://www.securitytracker.com/id?1022712 http://www.us-cert.gov/cas/techalerts/TA09-223A.html http://www.vupen.com/english/advisories/2009/2232 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037 https://oval.cisecurity.org/repository • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 90%CPEs: 4EXPL: 0CVE-2009-1924
https://notcve.org/view.php?id=CVE-2009-1924
Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability." Desbordamiento de entero en el el componente Windows Internet Name Service (WINS) para Windows 2000 SP4, permite a los partners (compañeros) de replicación WINS remota la ejecución de código de su elección a través de estructuras de datos manipuladas en un paquete, también conocida como "Vulnerabilidad de desbordamiento de entero en WINS". • http://www.us-cert.gov/cas/techalerts/TA09-223A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6354 • CWE-189: Numeric Errors •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2009-1922
https://notcve.org/view.php?id=CVE-2009-1922
The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability." El servicio de cola de mensajes de Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, y Vista Gold no valida de forma adecuada los datos de una petición inespecífica IOCTL en el modo de usuario antes de pasar esta petición al modo kernel, lo que permite a usuarios locales conseguir un aumento de privilegios a través de una petición manipulada, también conocido como "Vulnerabilidad de puntero nulo MSMQ" • http://en.securitylab.ru/lab/PT-2008-09 http://osvdb.org/56901 http://secunia.com/advisories/36214 http://www.securityfocus.com/archive/1/505691/100/0/threaded http://www.securitytracker.com/id?1022714 http://www.us-cert.gov/cas/techalerts/TA09-223A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6109 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 83%CPEs: 17EXPL: 0CVE-2009-1133 – Microsoft Remote Desktop Client Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-1133
Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability." Desbordamiento de búfer basado en memoria dinámica en la conexión remota de escritorio de Microsoft (anteriormente Terminal Services Client) cuando corre RDP desde v5.0 hasta v6.1 en Windows, y Cliente de escritorio remoto para Mac 2.0, permite a atacantes remotos ejecutar código arbitrario a través de parámetros sin especificar, también conocido como "Vulnerabilidad de memoria dinámica en la conexión de escritorio remoto" This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft's Remote Desktop Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within mstscax.dll when parsing packets from an RDP server. A design flaw in the client allows a malicious RDP server to write to arbitrary memory inside the connecting processes memory space. By hosting a malicious RDP server, an attacker can execute arbitrary code on any client that attempts to connect to it. • http://secunia.com/advisories/36229 http://www.securitytracker.com/id?1022709 http://www.us-cert.gov/cas/techalerts/TA09-223A.html http://www.vupen.com/english/advisories/2009/2238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 74%CPEs: 4EXPL: 0CVE-2009-1923 – Microsoft Windows WINS Service Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-1923
Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow Vulnerability." Desbordamiento de búfer basado en memoria dinámica (heap) en el componente servicio de nombres de Internet (WINS) para Microsoft Windows 2000 SP4 y Server 2003 SP2 en Windows, permite a los atacantes remotos ejecutar arbitrariamente código a través de un paquete de replicación WINS manipulado que lanza un cálculo incorrecto de longitud de búfer, también conocido como "Vulnerabilidad de desbordamiento de búfer WINS basado en memoria dinámica". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WINS.exe process which provides name resolution services for NetBIOS networks. While parsing a push request the WINS service copies packet data to a static heap buffer while within a controlled loop. • http://www.us-cert.gov/cas/techalerts/TA09-223A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6410 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •