CVSS: 7.5EPSS: 97%CPEs: 3EXPL: 0CVE-2006-0027 – MS06-019 Exchange MODPROP Heap Overflow
https://notcve.org/view.php?id=CVE-2006-0027
Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties. • http://secunia.com/advisories/20029 http://securitytracker.com/id?1016048 http://www.kb.cert.org/vuls/id/303452 http://www.osvdb.org/25338 http://www.securityfocus.com/bid/17908 http://www.us-cert.gov/cas/techalerts/TA06-129A.html http://www.vupen.com/english/advisories/2006/1743 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-019 https://exchange.xforce.ibmcloud.com/vulnerabilities/25556 https://oval.cisecurity.org/repository/search/definition/ov •
CVSS: 7.5EPSS: 93%CPEs: 16EXPL: 0CVE-2006-0002
https://notcve.org/view.php?id=CVE-2006-0002
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. • http://secunia.com/advisories/18368 http://securityreason.com/securityalert/330 http://securityreason.com/securityalert/331 http://securitytracker.com/id?1015460 http://securitytracker.com/id?1015461 http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm http://www.kb.cert.org/vuls/id/252146 http://www.securityfocus.com/archive/1/421518/100/0/threaded http://www.securityfocus.com/archive/1/421520/100/0/threaded http://www.securityfocus.com/bid/16197 http://www.us- •
CVSS: 7.5EPSS: 89%CPEs: 10EXPL: 0CVE-2005-1987
https://notcve.org/view.php?id=CVE-2005-1987
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. • http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html http://marc.info/?l=bugtraq&m=112915118302012&w=2 http://secunia.com/advisories/17167 http://securitytracker.com/id?1015038 http://securitytracker.com/id?1015039 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ907245 http://www.kb.cert.org/vuls/id/883460 http://www.osvdb.org/19905 http://www.securityfocus.com/bid/15067 http://www.us-cert.gov/cas/techalerts/TA05-284A.html https:/ • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 87%CPEs: 2EXPL: 1CVE-2005-0560 – Microsoft Exchange Server - Remote Code Execution (MS05-021)
https://notcve.org/view.php?id=CVE-2005-0560
Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port. • https://www.exploit-db.com/exploits/947 http://marc.info/?l=bugtraq&m=111393947713420&w=2 http://secunia.com/advisories/14920 http://www.kb.cert.org/vuls/id/275193 http://www.osvdb.org/displayvuln.php?osvdb_id=15467 http://www.us-cert.gov/cas/techalerts/TA05-102A.html http://xforce.iss.net/xforce/alerts/id/193 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.o • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 94%CPEs: 5EXPL: 1CVE-2004-0574 – Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)
https://notcve.org/view.php?id=CVE-2004-0574
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. El componente de Protocolo de Transferencia de Noticias de Red (NNTP) de Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, y Exchange Server 2003 permite a atacantes remtos ejecutar código de su elección mediante patrones XPAT, posiblemente relacionado con una validación de longitud inadecuada o un "búfer sin comprobar", conduciendo a desbordamientos de búfer basados en la pila y error de fuera por uno. • https://www.exploit-db.com/exploits/578 http://marc.info/?l=bugtraq&m=109761632831563&w=2 http://www.ciac.org/ciac/bulletins/p-012.shtml http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10 http://www.kb.cert.org/vuls/id/203126 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036 https://exchange.xforce.ibmcloud.com/vulnerabilities/17641 https://exchange.xforce.ibmcloud.com/vulnerabilities/17661 https://oval.cisecurity.org/repository/s • CWE-787: Out-of-bounds Write •