CVE-2004-0200 – Microsoft Windows - JPEG Processing Buffer Overrun (MS04-028)
https://notcve.org/view.php?id=CVE-2004-0200
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Desbordamiento de búfer en el motor de proceso de JPEG (JPG) en GDIPlus.dll, usado en varios productos de Microsoft, permite a atacantes remotos ejecutar código de su elección mediante un campo de longitud JPEG COM pequeño que es normalizado a una longitud de entero grande antes de una operación de copia de memoria. • https://www.exploit-db.com/exploits/474 https://www.exploit-db.com/exploits/556 https://www.exploit-db.com/exploits/475 https://www.exploit-db.com/exploits/478 https://www.exploit-db.com/exploits/472 https://www.exploit-db.com/exploits/480 http://marc.info/?l=bugtraq&m=109524346729948&w=2 http://www.kb.cert.org/vuls/id/297462 http://www.us-cert.gov/cas/techalerts/TA04-260A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms •
CVE-2002-0864
https://notcve.org/view.php?id=CVE-2002-0864
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." • http://marc.info/?l=bugtraq&m=103235745116592&w=2 http://marc.info/?l=bugtraq&m=103236181522253&w=2 http://www.iss.net/security_center/static/10120.php http://www.securityfocus.com/bid/5713 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-051 •
CVE-2002-0863
https://notcve.org/view.php?id=CVE-2002-0863
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." • http://marc.info/?l=bugtraq&m=103235960119404&w=2 http://marc.info/?l=bugtraq&m=103236181522253&w=2 http://www.iss.net/security_center/static/10121.php http://www.iss.net/security_center/static/10122.php http://www.kb.cert.org/vuls/id/865833 http://www.securityfocus.com/bid/5711 http://www.securityfocus.com/bid/5712 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mi •