CVSS: 5.0EPSS: 14%CPEs: 31EXPL: 2CVE-2006-3880 – Microsoft Windows XP/2000/2003 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3880
Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow remote attackers to cause a denial of service (IP stack hang) via a continuous stream of packets on TCP port 135 that have incorrect TCP header checksums and random numbers in certain TCP header fields, as demonstrated by the Achilles Windows Attack Tool. NOTE: the researcher reports that the Microsoft Security Response Center has stated "Our investigation which has included code review, review of the TCPDump, and attempts on reproing the issue on multiple fresh installs of various Windows Operating Systems have all resulted in non confirmation. ** IMPUGNADO ** Microsoft Windows NT 4.0, Windows 2000, Windows XP, y Windows Small Business Server 2003 permite a atacantes remotos provocar denegación de servicio (manipular la pila IP) a través de un flujo continuo de paquetes sobre el puerto TCP 135 que tiene una cabecera de validación (checksum) TCP erronea y números aleatorios en ciertos campos de cabeceras TCP, como se demostró con Achilles Windows Attack Tool. NOTA: el investigador indicaque Microsoft Security Response Center ha indicado que "Nuestra investigación que ha incluido la revisión de código, la revisión del TCPDump, e intentó reproducir el asunto en múltiples instalaciones frescas de varios sistemas operativos de Windows dieron como resultado la no confirmación". • https://www.exploit-db.com/exploits/28263 http://securityreason.com/securityalert/1282 http://www.securityfocus.com/archive/1/441007/100/0/threaded http://www.securityfocus.com/bid/19135 •
CVSS: 7.5EPSS: 94%CPEs: 9EXPL: 1CVE-2006-1314 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
https://notcve.org/view.php?id=CVE-2006-1314
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages. Desbordamiento de búfer basado en montículo en Server Service (SRV.SYS driver) de Microsoft Windows 2000 SP4, XP SP1 y SP2, Server de 2003 a SP1 y otros productos, permite a atacantes remotos ejecutar código de su elección a través de mensajes Mailslot de primera clase manipulados lo que dispara una corrupción de memoria y evita las restricciones de tamaño en mensajes Mailslot de segunda clase. • https://www.exploit-db.com/exploits/2057 http://secunia.com/advisories/21007 http://securityreason.com/securityalert/1212 http://www.kb.cert.org/vuls/id/189140 http://www.osvdb.org/27154 http://www.securityfocus.com/archive/1/439773/100/0/threaded http://www.securityfocus.com/bid/18863 http://www.tippingpoint.com/security/advisories/TSRT-06-02.html http://www.us-cert.gov/cas/techalerts/TA06-192A.html http://www.vupen.com/english/advisories/2006/2753 https:// •
CVSS: 5.4EPSS: 12%CPEs: 55EXPL: 1CVE-2006-3351
https://notcve.org/view.php?id=CVE-2006-3351
Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. Desbordamiento de buffer en el Explorador de Windows (explorer.exe) de Windows XP y 2003. Permite a usuarios remotos con ayuda del usuario causar una denegación de servicio (indisponibilidad repetida de la aplicación) y, posiblemente, la ejecución de código de la elección del atacante remoto a través de un fichero de extensión .url con una etiqueta "InternetShortcut" que contiene una URL extensa y un gran número de especificadores "file:". • http://securityreason.com/securityalert/1186 http://www.securityfocus.com/archive/1/439153/100/0/threaded http://www.securityfocus.com/archive/1/439660/100/200/threaded http://www.securityfocus.com/bid/18838 https://exchange.xforce.ibmcloud.com/vulnerabilities/27567 •
CVSS: 6.8EPSS: 93%CPEs: 32EXPL: 0CVE-2006-1313
https://notcve.org/view.php?id=CVE-2006-1313
Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. • http://secunia.com/advisories/20620 http://securitytracker.com/id?1016283 http://www.kb.cert.org/vuls/id/390044 http://www.osvdb.org/26434 http://www.securityfocus.com/bid/18359 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2321 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/26805 https://oval.cisecurity.org/repository/search/definition/ov •
CVSS: 6.8EPSS: 89%CPEs: 32EXPL: 0CVE-2006-2378
https://notcve.org/view.php?id=CVE-2006-2378
Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. • http://secunia.com/advisories/20605 http://securitytracker.com/id?1016292 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=407 http://www.kb.cert.org/vuls/id/923236 http://www.osvdb.org/26432 http://www.securityfocus.com/bid/18394 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2320 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-022 https://exchange.xforce.ibmcloud.com/vulnera •