Page 32 of 317 results (0.006 seconds)

CVSS: 7.6EPSS: 7%CPEs: 5EXPL: 0

Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. El desbordamiento del búfer en el Windows Shell (usado como escritorio de Windows) permite a atacantes locales y posibles atacantes remotos, la ejecución de código arbitrario mediante un manejador de URL que no ha sido eliminado de una aplicación defectuosamente desinstalada. • http://marc.info/?l=bugtraq&m=101594127017290&w=2 http://www.iss.net/security_center/static/8384.php http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0203&L=ntbugtraq&F=P&S=&P=2404 http://www.securityfocus.com/bid/4248 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A147 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0

In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain. En Windows NT y Windows 2000, un dominio valido que recibe información de autorización de un dominio de confianza no verifica que el dominio de confianza es autoritativo para las SIDs listadas, lo que podría permitir a atacantes remotos ganar privilegios de administrador de dominio en el dominio confiante injectando SIDs de dominios no de confianza en los datos de autorización que vienen del dominio de confianza. • http://www.securityfocus.com/bid/3997 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001 https://exchange.xforce.ibmcloud.com/vulnerabilities/8023 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64 •

CVSS: 7.5EPSS: 26%CPEs: 6EXPL: 0

Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Desbordamiento de buffer en el agente del servicio SNMP en Windows 95/98/98SE, y Windows NT4/2000/XP permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante una petición de administración malformada. NOTA: Esta candidata puede ser separada o mezclada con otras candidatas. • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0012 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0013 http://www.cert.org/advisories/CA-2002-03.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html http://www.kb.cert.org/vuls/id/107186 http://www.kb.cert.org/vuls/id/854306 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-006 https://oval.cisecurity.org/repository/search/definition/oval%3Ao • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. Vulnerabilidad de cadena formateada en las funciones de ejecución C en SQL Server 7.0 y 2000 permite a atacantes remotos provocar una denegación de servicio. • http://marc.info/?l=bugtraq&m=100891252317406&w=2 http://www.atstake.com/research/advisories/2001/a122001-1.txt http://www.securityfocus.com/bid/3732 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060 https://exchange.xforce.ibmcloud.com/vulnerabilities/7725 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A253 •

CVSS: 5.0EPSS: 24%CPEs: 2EXPL: 1

Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. • https://www.exploit-db.com/exploits/21123 http://www.securityfocus.com/bid/3445 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-052 https://exchange.xforce.ibmcloud.com/vulnerabilities/7302 •