CVSS: 9.8EPSS: 1%CPEs: 34EXPL: 0CVE-2005-2388
https://notcve.org/view.php?id=CVE-2005-2388
27 Jul 2005 — Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. Desbordamiento de búfer en cierto driver USB, usado en Windows, permite que atacantes ejecuten código arbitrario. • http://secunia.com/advisories/16210 •
CVSS: 10.0EPSS: 51%CPEs: 37EXPL: 0CVE-2005-1208
https://notcve.org/view.php?id=CVE-2005-1208
14 Jun 2005 — Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. • http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.html •
CVSS: 9.8EPSS: 44%CPEs: 49EXPL: 0CVE-2005-1212
https://notcve.org/view.php?id=CVE-2005-1212
14 Jun 2005 — Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. El desbordamiento de búfer en Microsoft Step-by-Step Interactive Training (orun32.exe) permite a los atacantes remotos ejecutar código arbitrario a través de un archivo de enlace de marcadores (extensión.cbo, cbl o.cbm) con un campo de usuario largo. • http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true •
CVSS: 8.1EPSS: 32%CPEs: 49EXPL: 0CVE-2005-1214
https://notcve.org/view.php?id=CVE-2005-1214
14 Jun 2005 — Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. Microsoft Agent permite a los atacantes remotos falsificar contenido de Internet de confianza y ejecutar código arbitrario disfrazando las indicaciones de seguridad en una página web maliciosa. • http://secunia.com/advisories/15689 •
CVSS: 7.5EPSS: 13%CPEs: 24EXPL: 3CVE-2005-1649 – Microsoft Windows XP/2003 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-1649
18 May 2005 — The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016). • https://www.exploit-db.com/exploits/861 •
CVSS: 7.5EPSS: 44%CPEs: 55EXPL: 1CVE-2005-1184 – Multiple Vendor - TCP Session Acknowledgement Number Denial of Service
https://notcve.org/view.php?id=CVE-2005-1184
19 Apr 2005 — The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated. • https://www.exploit-db.com/exploits/25439 •
CVSS: 7.8EPSS: 42%CPEs: 58EXPL: 3CVE-2004-1306 – Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow
https://notcve.org/view.php?id=CVE-2004-1306
31 Dec 2004 — Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. El desbordamiento de búfer basado en memoria dinámica (heap) en winhlp32.exe en Windows NT, Windows 2000 a SP4, Windows XP a SP2 y Windows 2003 permite a los atacantes remotos ejecutar código arbitrario a través de un archivo.hlp diseñado. • https://www.exploit-db.com/exploits/25049 •
CVSS: 10.0EPSS: 22%CPEs: 74EXPL: 0CVE-2004-0568
https://notcve.org/view.php?id=CVE-2004-0568
15 Dec 2004 — HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. La aplicación Hyperterminal de Windows NT 4.0, 2000, XP y Server 2003 no valida adecuadamente la longitud de un valor guardado en un fichero d... • http://marc.info/?l=bugtraq&m=110312618614849&w=2 •
CVSS: 7.8EPSS: 1%CPEs: 57EXPL: 0CVE-2004-0893
https://notcve.org/view.php?id=CVE-2004-0893
15 Dec 2004 — The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." La interfaz de Llamada a Procedimiento Local (LPC) en el kernel de Windows NT 4.0, Windows 2000, Windows XP, y Windows Server 2003 no valida adecuadamente la longitud de mensajes enviádos al puerto LCP, lo que permite a usuar... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044 •
CVSS: 7.8EPSS: 1%CPEs: 26EXPL: 1CVE-2004-0894 – Microsoft Windows - Improper Token Validation Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0894
15 Dec 2004 — LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program. El Servicio del Subsistema de la Autoridad de Seguridad Local (LSASS) de Windows 2000 Server and Windows Server 2003 no valida adecuadamente la información de conexión, lo que permite a usuarios locales ganar privilegios mediante un programa especialmente diseñado. • https://www.exploit-db.com/exploits/749 •