Page 4 of 47 results (0.014 seconds)

CVSS: 9.3EPSS: 88%CPEs: 59EXPL: 1

Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. • https://www.exploit-db.com/exploits/1967 http://secunia.com/advisories/20639 http://securitytracker.com/id?1016290 http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702 http://www.kb.cert.org/vuls/id/722753 http://www.osvdb.org/26433 http://www.securityfocus.com/archive/1/438482/100/0/threaded http://www.securityfocus.com/archive/1/438609/100/0/threaded http://www.securityfocus.com/bid/18374 http://www.us-cert.gov/cas/techalerts/TA06-164A.html htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 93%CPEs: 29EXPL: 4

Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/16375 https://www.exploit-db.com/exploits/16364 https://www.exploit-db.com/exploits/1965 https://www.exploit-db.com/exploits/1940 http://secunia.com/advisories/20630 http://securitytracker.com/id?1016285 http://www.kb.cert.org/vuls/id/631516 http://www.osvdb.org/26437 http://www.securityfocus.com/bid/18325 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2323 https:/&#x •

CVSS: 6.8EPSS: 94%CPEs: 32EXPL: 0

Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. • http://secunia.com/advisories/20620 http://securitytracker.com/id?1016283 http://www.kb.cert.org/vuls/id/390044 http://www.osvdb.org/26434 http://www.securityfocus.com/bid/18359 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2321 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/26805 https://oval.cisecurity.org/repository/search/definition/ov •

CVSS: 5.1EPSS: 91%CPEs: 30EXPL: 0

Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." • http://secunia.com/advisories/19606 http://securitytracker.com/id?1015897 http://www.kb.cert.org/vuls/id/641460 http://www.osvdb.org/24516 http://www.securityfocus.com/bid/17464 http://www.us-cert.gov/cas/techalerts/TA06-101A.html http://www.vupen.com/english/advisories/2006/1320 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/25554 https://oval.cisecurity.org/repository/search/definition/ov •

CVSS: 7.2EPSS: 0%CPEs: 25EXPL: 0

The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. • http://secunia.com/advisories/18859 http://securitytracker.com/id?1015631 http://www.kb.cert.org/vuls/id/739844 http://www.ryanstyle.com/alert/my/5/ms06_009_eng.html http://www.securityfocus.com/archive/1/425141/100/0/threaded http://www.securityfocus.com/bid/16643 http://www.vupen.com/english/advisories/2006/0578 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/24492 https://oval.cisec • CWE-264: Permissions, Privileges, and Access Controls •