CVSS: 7.8EPSS: 35%CPEs: 9EXPL: 1CVE-2005-1978 – Microsoft Windows - DTC Remote (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1978
11 Oct 2005 — COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. • https://www.exploit-db.com/exploits/1352 •
CVSS: 7.5EPSS: 79%CPEs: 9EXPL: 2CVE-2005-1979 – Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1979
11 Oct 2005 — Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality. • https://www.exploit-db.com/exploits/26341 •
CVSS: 7.5EPSS: 75%CPEs: 9EXPL: 1CVE-2005-1980 – Microsoft Windows - DTC Remote (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1980
11 Oct 2005 — Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability." • https://www.exploit-db.com/exploits/1352 •
CVSS: 9.1EPSS: 58%CPEs: 9EXPL: 2CVE-2005-2119 – Microsoft Windows - MSDTC Service Remote Memory Modification (PoC) (MS05-051)
https://notcve.org/view.php?id=CVE-2005-2119
11 Oct 2005 — The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer. • https://www.exploit-db.com/exploits/1341 •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2005-2765
https://notcve.org/view.php?id=CVE-2005-2765
01 Sep 2005 — The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. NOTE: the vendor disputes this issue, saying that since administrative privileges are already required, it is not a vulnerability. CVE has not yet formally decided if such "information hiding" issues should be included. • http://www.microsoft.com/technet/security/advisory/897663.mspx •
CVSS: 10.0EPSS: 51%CPEs: 37EXPL: 0CVE-2005-1208
https://notcve.org/view.php?id=CVE-2005-1208
14 Jun 2005 — Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. • http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.html •
CVSS: 9.8EPSS: 44%CPEs: 49EXPL: 0CVE-2005-1212
https://notcve.org/view.php?id=CVE-2005-1212
14 Jun 2005 — Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. El desbordamiento de búfer en Microsoft Step-by-Step Interactive Training (orun32.exe) permite a los atacantes remotos ejecutar código arbitrario a través de un archivo de enlace de marcadores (extensión.cbo, cbl o.cbm) con un campo de usuario largo. • http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true •
CVSS: 8.1EPSS: 32%CPEs: 49EXPL: 0CVE-2005-1214
https://notcve.org/view.php?id=CVE-2005-1214
14 Jun 2005 — Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. Microsoft Agent permite a los atacantes remotos falsificar contenido de Internet de confianza y ejecutar código arbitrario disfrazando las indicaciones de seguridad en una página web maliciosa. • http://secunia.com/advisories/15689 •
CVSS: 9.8EPSS: 30%CPEs: 12EXPL: 1CVE-2005-1935
https://notcve.org/view.php?id=CVE-2005-1935
09 Jun 2005 — Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue. • http://www.phreedom.org/solar/exploits/msasn1-bitstring •
CVSS: 9.8EPSS: 50%CPEs: 6EXPL: 1CVE-2004-0567 – Microsoft Windows Server 2000 - WINS Remote Code Execution
https://notcve.org/view.php?id=CVE-2004-0567
31 Dec 2004 — The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." • https://www.exploit-db.com/exploits/733 •