CVSS: 7.8EPSS: 76%CPEs: 9EXPL: 2CVE-2005-2124 – Microsoft Windows Metafile - 'gdi32.dll' Denial of Service (MS05-053)
https://notcve.org/view.php?id=CVE-2005-2124
29 Nov 2005 — Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability." • https://www.exploit-db.com/exploits/1343 •
CVSS: 9.8EPSS: 72%CPEs: 10EXPL: 0CVE-2005-1987
https://notcve.org/view.php?id=CVE-2005-1987
13 Oct 2005 — Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. • http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 35%CPEs: 9EXPL: 1CVE-2005-1978 – Microsoft Windows - DTC Remote (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1978
11 Oct 2005 — COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. • https://www.exploit-db.com/exploits/1352 •
CVSS: 7.5EPSS: 79%CPEs: 9EXPL: 2CVE-2005-1979 – Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1979
11 Oct 2005 — Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality. • https://www.exploit-db.com/exploits/26341 •
CVSS: 7.5EPSS: 75%CPEs: 9EXPL: 1CVE-2005-1980 – Microsoft Windows - DTC Remote (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1980
11 Oct 2005 — Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability." • https://www.exploit-db.com/exploits/1352 •
CVSS: 9.1EPSS: 58%CPEs: 9EXPL: 2CVE-2005-2119 – Microsoft Windows - MSDTC Service Remote Memory Modification (PoC) (MS05-051)
https://notcve.org/view.php?id=CVE-2005-2119
11 Oct 2005 — The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer. • https://www.exploit-db.com/exploits/1341 •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2005-2765
https://notcve.org/view.php?id=CVE-2005-2765
01 Sep 2005 — The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. NOTE: the vendor disputes this issue, saying that since administrative privileges are already required, it is not a vulnerability. CVE has not yet formally decided if such "information hiding" issues should be included. • http://www.microsoft.com/technet/security/advisory/897663.mspx •
CVSS: 10.0EPSS: 51%CPEs: 37EXPL: 0CVE-2005-1208
https://notcve.org/view.php?id=CVE-2005-1208
14 Jun 2005 — Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. • http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.html •
CVSS: 9.8EPSS: 44%CPEs: 49EXPL: 0CVE-2005-1212
https://notcve.org/view.php?id=CVE-2005-1212
14 Jun 2005 — Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. El desbordamiento de búfer en Microsoft Step-by-Step Interactive Training (orun32.exe) permite a los atacantes remotos ejecutar código arbitrario a través de un archivo de enlace de marcadores (extensión.cbo, cbl o.cbm) con un campo de usuario largo. • http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true •
CVSS: 8.1EPSS: 32%CPEs: 49EXPL: 0CVE-2005-1214
https://notcve.org/view.php?id=CVE-2005-1214
14 Jun 2005 — Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. Microsoft Agent permite a los atacantes remotos falsificar contenido de Internet de confianza y ejecutar código arbitrario disfrazando las indicaciones de seguridad en una página web maliciosa. • http://secunia.com/advisories/15689 •