CVE-1999-1593
https://notcve.org/view.php?id=CVE-1999-1593
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable.
• http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00371.html
• http://seclists.org/bugtraq/2001/Jan/0264.html
• http://seclists.org/bugtraq/2001/Jan/0269.html
• http://seclists.org/bugtraq/2001/Jan/0271.html
• http://seclists.org/bugtraq/2001/Jan/0274.html
• http://seclists.org/bugtraq/2001/Jan/0276.html
• http://seclists.org/bugtraq/2001/Jan/0289.html
• http://seclists.org/bugtraq/2001/Jan/0298.html
• http://www.securityfocus.com/bid/2221
• https://www2.sans.org/
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2008-4834 – Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-4834
Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability."
This vulnerability allows remote attackers to trigger a denial of service condition on vulnerable installations of Microsoft Windows; remote code execution is also theoretically possible. User interaction is not required to exploit this vulnerability. The specific flaw exists in the processing of SMB requests. By specifying malformed values during an NT Trans request, an attacker can cause the target system to kernel panic, thereby requiring a reboot of the system.
• http://www.securityfocus.com/archive/1/500012/100/0/threaded
• http://www.securityfocus.com/bid/33121
• http://www.securitytracker.com/id?1021560
• http://www.us-cert.gov/cas/techalerts/TA09-013A.html
• http://www.vupen.com/english/advisories/2009/0116
• http://www.zerodayinitiative.com/advisories/ZDI-09-001
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5863
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-4835 – Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-4835
SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficiently validating the buffer size," aka "SMB Validation Remote Code Execution Vulnerability."
This vulnerability allows remote attackers to trigger a denial of service condition on vulnerable installations of Microsoft Windows; remote code execution is also theoretically possible. User interaction is not required to exploit this vulnerability. The specific flaw exists in the processing of SMB requests. By specifying malformed values during an NT Trans2 request, an attacker can cause the target system to kernel panic, thereby requiring a reboot of the system.
• http://www.securityfocus.com/archive/1/500013/100/0/threaded
• http://www.securityfocus.com/bid/33122
• http://www.securitytracker.com/id?1021560
• http://www.us-cert.gov/cas/techalerts/TA09-013A.html
• http://www.vupen.com/english/advisories/2009/0116
• http://www.zerodayinitiative.com/advisories/ZDI-09-002
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-001
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5248
• CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2008-3465
https://notcve.org/view.php?id=CVE-2008-3465
Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which would not be properly handled by a third-party application that uses this API for a copy operation, aka "GDI Heap Overflow Vulnerability."
• http://www.securitytracker.com/id?1021365
• http://www.us-cert.gov/cas/techalerts/TA08-344A.html
• http://www.vupen.com/english/advisories/2008/3383
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-071
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6062
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-4258
https://notcve.org/view.php?id=CVE-2008-4258
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Parameter Validation Memory Corruption Vulnerability."
• http://www.securitytracker.com/id?1021371
• http://www.us-cert.gov/cas/techalerts/TA08-344A.html
• http://www.vupen.com/english/advisories/2008/3385
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-073
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5231
• CWE-399: Resource Management Errors