NotCVE - vendor:"Microsoft" product:"Windows Server 2003" version:"r2"

Page 27 of 431 results (0.027 seconds)

CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 1

CVE-2012-0181 – Microsoft Windows XP - Keyboard Layouts Pool Corruption (PoC) (MS12-034)

https://notcve.org/view.php?id=CVE-2012-0181

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain privileges via a crafted application, aka "Keyboard Layout File Vulnerability." win32k.sys en los controladores en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, y Windows 8 Consumer Preview no gestiona adecuadamente los archivos Keyboard Layout, permitiendo a usuarios locales conseguir privilegios a través de una aplicación manipulada, también conocido como "Vulnerabilidad de Keyboard Layout" • https://www.exploit-db.com/exploits/18894 http://www.securitytracker.com/id?1027039 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15355 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0

CVE-2012-0180

https://notcve.org/view.php?id=CVE-2012-0180

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for (1) windows and (2) messages, which allows local users to gain privileges via a crafted application, aka "Windows and Messages Vulnerability." win32k.sys en los controladores en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, y Windows 8 Consumer Preview no gestiona adecuadamente la entrada en modo usuario pasada al kernel para (1) windows y (2) mensajes, permitiendo a usuarios locales ganar privilegios mediante una aplicación manipulada, también conocida como "Vulnerabilidad en Windows y Mensajes" • http://www.securityfocus.com/bid/53324 http://www.securitytracker.com/id?1027039 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15466 • CWE-20: Improper Input Validation •

CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0

CVE-2012-1848

https://notcve.org/view.php?id=CVE-2012-1848

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Scrollbar Calculation Vulnerability." win32k.sys en los controladores en modo kernel en Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, y Windows 8 Consumer Preview no maneja adecuadamente la entrada en modo usuario pasada al modo kernel, permitiendo a usuarios locales conseguir privilegios a través de una aplicación manipulada, también conocido como "vulnerabilidad de cálculo de la barra de desplazamiento." • http://www.securityfocus.com/bid/53327 http://www.securitytracker.com/id?1027039 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15555 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 95%CPEs: 27EXPL: 0

CVE-2012-0171

https://notcve.org/view.php?id=CVE-2012-0171

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 no maneja apropiadamente objetos en memoria, lo que permite a atacantes remotos ejecutar código arbitrario accediendo a un objeto borrado. También conocida como "vulnerabilidad de ejecución de código remota SelectAll". • http://www.securitytracker.com/id?1026901 http://www.us-cert.gov/cas/techalerts/TA12-101A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/74382 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15313 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 88%CPEs: 19EXPL: 0

CVE-2012-0151 – Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2012-0151

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability." La función Authenticode Signature Verification en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, y Windows 8 Consumer Preview no valida de forma adecuada el resumen de un fichero portable y ejecutable (PE), lo que permite a atacantes remotos asistidos por usuarios ejecutar código a través de un fichero modificado con contenido adicional, también conocido como "WinVerifyTrust Signature Validation Vulnerability". The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code. • http://osvdb.org/81135 http://secunia.com/advisories/48581 http://www.securitytracker.com/id?1026906 http://www.us-cert.gov/cas/techalerts/TA12-101A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15594 • CWE-20: Improper Input Validation •

1...25 26 27 28 29