CVSS: 9.8EPSS: 75%CPEs: 30EXPL: 0CVE-2006-0012
https://notcve.org/view.php?id=CVE-2006-0012
12 Apr 2006 — Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." • http://secunia.com/advisories/19606 •
CVSS: 9.3EPSS: 95%CPEs: 45EXPL: 3CVE-2006-0005 – Microsoft Windows Media Player - Plugin Overflow (MS06-006)
https://notcve.org/view.php?id=CVE-2006-0005
14 Feb 2006 — Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute. • https://www.exploit-db.com/exploits/1520 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 79%CPEs: 24EXPL: 2CVE-2006-0021 – Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007)
https://notcve.org/view.php?id=CVE-2006-0021
14 Feb 2006 — Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability." • https://www.exploit-db.com/exploits/1599 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 59%CPEs: 18EXPL: 0CVE-2006-0013
https://notcve.org/view.php?id=CVE-2006-0013
14 Feb 2006 — Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207. • http://secunia.com/advisories/18857 •
CVSS: 7.8EPSS: 4%CPEs: 25EXPL: 0CVE-2006-0008
https://notcve.org/view.php?id=CVE-2006-0008
14 Feb 2006 — The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. • http://secunia.com/advisories/18859 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 83%CPEs: 86EXPL: 0CVE-2006-0010
https://notcve.org/view.php?id=CVE-2006-0010
10 Jan 2006 — Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Desbordamiento de búfer basado en memoria dinámica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versión SP1, Windows 98 y Windows ME permite a atacant... • http://seclists.org/fulldisclosure/2006/Jan/363 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 90%CPEs: 30EXPL: 2CVE-2006-0143 – Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-0143
09 Jan 2006 — Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. • https://www.exploit-db.com/exploits/27051 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 95%CPEs: 9EXPL: 2CVE-2005-2124 – Microsoft Windows Metafile - 'gdi32.dll' Denial of Service (MS05-053)
https://notcve.org/view.php?id=CVE-2005-2124
29 Nov 2005 — Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability." • https://www.exploit-db.com/exploits/1343 •
CVSS: 7.8EPSS: 64%CPEs: 9EXPL: 1CVE-2005-2123 – Microsoft Windows Metafile - 'mtNoObjects' Denial of Service (MS05-053)
https://notcve.org/view.php?id=CVE-2005-2123
29 Nov 2005 — Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord. • https://www.exploit-db.com/exploits/1346 •
CVSS: 7.5EPSS: 4%CPEs: 9EXPL: 1CVE-2005-1980 – Microsoft Windows - DTC Remote (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1980
11 Oct 2005 — Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability." • https://www.exploit-db.com/exploits/1352 •