
CVSS: 9.3 • EPSS: 87% • CPEs: 16 • EXPL: 0

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption.

• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=680
• http://marc.info/?l=bugtraq&m=120845064910729&w=2
• http://secunia.com/advisories/29714
• http://www.securityfocus.com/bid/28606
• http://www.securitytracker.com/id?1019800
• http://www.us-cert.gov/cas/techalerts/TA08-099A.html
• http://www.vupen.com/english/advisories/2008/1147/references
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-023
• https://exchange.xforce.ibmcloud.com/vulnerabilities/4

• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 9.3 • EPSS: 75% • CPEs: 14 • EXPL: 2

Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability."

• https://www.exploit-db.com/exploits/5442
• https://www.exploit-db.com/exploits/6656
• http://marc.info/?l=bugtraq&m=120845064910729&w=2
• http://secunia.com/advisories/29704
• http://www.osvdb.org/44215
• http://www.securityfocus.com/bid/28570
• http://www.securitytracker.com/id?1019798
• http://www.us-cert.gov/cas/techalerts/TA08-099A.html
• http://www.vupen.com/english/advisories/2008/1145/references
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-021&

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 8.8 • EPSS: 78% • CPEs: 7 • EXPL: 0

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

• http://marc.info/?l=bugtraq&m=120845064910729&w=2
• http://secunia.com/advisories/29696
• http://www.securityfocus.com/archive/1/490575/100/0/threaded
• http://www.securityfocus.com/bid/28553
• http://www.securitytracker.com/id?1019802
• http://www.trusteer.com/docs/windowsresolver.html
• http://www.us-cert.gov/cas/techalerts/TA08-099A.html
• http://www.vupen.com/english/advisories/2008/1144/references
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-020
• https:

• CWE-330: Use of Insufficiently Random Values

CVSS: 9.3 • EPSS: 52% • CPEs: 13 • EXPL: 3

Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability."

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a user must open a malicious file or visit a malicious web page. The specific flaw exists within the parsing of malformed WMF files. A vulnerability exists in the GDI function CreateDIBPatternBrushPt used when processing WMF files.

• https://www.exploit-db.com/exploits/6330
• https://www.exploit-db.com/exploits/5442
• https://www.exploit-db.com/exploits/6656
• http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0168.html
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=681
• http://marc.info/?l=bugtraq&m=120845064910729&w=2
• http://secunia.com/advisories/29704
• http://support.microsoft.com/kb/948590
• http://www.kb.cert.org/vuls/id/632963
• http://www.osvdb.org/44213
• http://

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-190: Integer Overflow or Wraparound

CVSS: 7.1 • EPSS: 95% • CPEs: 27 • EXPL: 0

The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP request smuggling attacks via an incorrect Content-Length header, (2) access arbitrary virtual hosts via a modified Host header, (3) bypass referrer restrictions via an incorrect Referer header, and (4) bypass the same-origin policy and obtain sensitive information via a crafted request header.

• http://marc.info/?l=bugtraq&m=121380194923597&w=2
• http://secunia.com/advisories/29453
• http://securityreason.com/securityalert/3785
• http://www.mindedsecurity.com/MSA02240108.html
• http://www.securityfocus.com/archive/1/489954/100/0/threaded
• http://www.securityfocus.com/bid/28379
• http://www.securitytracker.com/id?1020226
• http://www.us-cert.gov/cas/techalerts/TA08-162B.html
• http://www.vupen.com/english/advisories/2008/0980
• http://www.vupen.com/english/advisories/2008/1778
• https

• CWE-20: Improper Input Validation