CVSS: 9.3EPSS: 67%CPEs: 86EXPL: 0CVE-2006-0010 – Technical Cyber Security Alert 2006-10A
https://notcve.org/view.php?id=CVE-2006-0010
10 Jan 2006 — Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Desbordamiento de búfer basado en memoria dinámica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versión SP1, Windows 98 y Windows ME permite a atacant... • http://seclists.org/fulldisclosure/2006/Jan/363 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 46%CPEs: 8EXPL: 1CVE-2006-0020
https://notcve.org/view.php?id=CVE-2006-0020
10 Jan 2006 — An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability." • http://linuxbox.org/pipermail/funsec/2006-January/002828.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 75%CPEs: 30EXPL: 2CVE-2006-0143 – Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-0143
09 Jan 2006 — Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. • https://www.exploit-db.com/exploits/27051 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 90%CPEs: 16EXPL: 5CVE-2005-4560 – Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
https://notcve.org/view.php?id=CVE-2005-4560
28 Dec 2005 — The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com. Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Wind... • https://packetstorm.news/files/id/82985 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 15%CPEs: 3EXPL: 0CVE-2005-4269
https://notcve.org/view.php?id=CVE-2005-4269
15 Dec 2005 — mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer 6.0 SP1 allows attackers to cause a denial of service (access violation) by causing mshtml.dll to process button-focus events at the same time that a document is reloading, as seen in Microsoft Office InfoPath 2003 by repeatedly clicking the "Delete" button in a repeating section in a form. NOTE: the normal operation of InfoPath appears to involve a local user without any privilege boundaries, so this might not be a vulnerability in Info... • http://support.microsoft.com/kb/908233 •
CVSS: 7.1EPSS: 0%CPEs: 21EXPL: 2CVE-2005-3981 – Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service
https://notcve.org/view.php?id=CVE-2005-3981
04 Dec 2005 — NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminate... • https://www.exploit-db.com/exploits/26690 •
CVSS: 7.8EPSS: 22%CPEs: 9EXPL: 0CVE-2005-3945
https://notcve.org/view.php?id=CVE-2005-3945
01 Dec 2005 — The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups. • http://www.securityfocus.com/archive/1/417952/100/0/threaded •
CVSS: 7.8EPSS: 63%CPEs: 9EXPL: 1CVE-2005-2123 – Microsoft Windows Metafile - 'mtNoObjects' Denial of Service (MS05-053)
https://notcve.org/view.php?id=CVE-2005-2123
09 Nov 2005 — Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord. eEye Digital Security has discovered a vulnerability in the way the Windows Graphical Device Interface (GDI) processes Windows Metafile (WMF) format image files that would... • https://www.exploit-db.com/exploits/1346 •
CVSS: 7.8EPSS: 83%CPEs: 9EXPL: 2CVE-2005-2124 – Microsoft Windows Metafile - 'mtNoObjects' Denial of Service (MS05-053)
https://notcve.org/view.php?id=CVE-2005-2124
09 Nov 2005 — Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability." eEye Digital Security has discovered a heap overflow vulnerability in the way the Windows Graphical Device Interface (GDI) processes Windows enhanced metafile images (file extensio... • https://www.exploit-db.com/exploits/1346 •
CVSS: 6.5EPSS: 61%CPEs: 4EXPL: 0CVE-2005-2126
https://notcve.org/view.php?id=CVE-2005-2126
21 Oct 2005 — The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames. • http://secunia.com/advisories/17163 •