CVSS: 7.5EPSS: 54%CPEs: 16EXPL: 0CVE-2010-0025
https://notcve.org/view.php?id=CVE-2010-0025
14 Apr 2010 — The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability." El componente SMTP en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, y Server 2008 Gold, SP2, y R2, y Ex... • http://secunia.com/advisories/39253 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2010-0234
https://notcve.org/view.php?id=CVE-2010-0234
14 Apr 2010 — The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Null Pointer Vulnerability." El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 Gold y SP2 no valida adecuadamente un argumento del... • http://secunia.com/advisories/39373 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2010-0235
https://notcve.org/view.php?id=CVE-2010-0235
14 Apr 2010 — The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability." El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, y Vista Gold no realiza adecuadamente la validación esperada antes de crear un enlace simbólico, lo que permite a usuarios locales... • http://secunia.com/advisories/39373 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2010-0236
https://notcve.org/view.php?id=CVE-2010-0236
14 Apr 2010 — The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability." El kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, y Vista Gold no asigna adecuadamente memoria para llave destino asociada con una llave de registro de enlace simbólico, l... • http://secunia.com/advisories/39373 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 4%CPEs: 3EXPL: 0CVE-2010-0237
https://notcve.org/view.php?id=CVE-2010-0237
14 Apr 2010 — The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows local users to gain privileges by creating a symbolic link from an untrusted registry hive to a trusted registry hive, aka "Windows Kernel Symbolic Link Creation Vulnerability." El kernel en Microsoft Windows 2000 SP4 y XP SP2 y SP3 permite a usuarios locales obtener privilegios para crear un enlace simbólico desde un registro sin confianza a un registro conconfianza, conocido como "Windows Kernel Symbolic Link Creation Vulnerability." • http://secunia.com/advisories/39373 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 1%CPEs: 9EXPL: 0CVE-2010-0238
https://notcve.org/view.php?id=CVE-2010-0238
14 Apr 2010 — Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability." Vulnerabilidad no especificada en la validación de la llave de registro en el kernel en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, y Vista Gold permite a usuarios locales causar una denegación de servicio (reinicio) a... • http://secunia.com/advisories/39373 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 61%CPEs: 23EXPL: 1CVE-2010-0269 – Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)
https://notcve.org/view.php?id=CVE-2010-0269
14 Apr 2010 — The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Memory Allocation Vulnerability." El cliente SMB en Microsoft Windows 2000 SP4, Windows XP SP2 y SP3, Windows Server 2003 SP... • https://www.exploit-db.com/exploits/12273 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 78%CPEs: 1EXPL: 1CVE-2010-0478 – Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (MS10-025)
https://notcve.org/view.php?id=CVE-2010-0478
14 Apr 2010 — Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Media Services Stack-based Buffer Overflow Vulnerability." Desbordamiento de búfer basado en nsum.exe en el Servicio Windows Media Unicast en Media Services para Microsoft Windows 2000 Server SP4 permite a atacantes remotos ejecutar código de su elección a través d... • https://www.exploit-db.com/exploits/16333 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 81%CPEs: 19EXPL: 3CVE-2010-0480 – Microsoft MPEG Layer-3 Audio Decoder - Division By Zero
https://notcve.org/view.php?id=CVE-2010-0480
14 Apr 2010 — Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability." Desbordamiento de búfer basado en pila en los codificadores de audio MPEG Layer-3 en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, SP2, y Server 2008 Gold y... • https://www.exploit-db.com/exploits/15096 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 44%CPEs: 23EXPL: 0CVE-2010-0486
https://notcve.org/view.php?id=CVE-2010-0486
14 Apr 2010 — The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka ... • http://www.us-cert.gov/cas/techalerts/TA10-103A.html • CWE-20: Improper Input Validation •