CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2012-2532
https://notcve.org/view.php?id=CVE-2012-2532
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability." Microsoft FTP Service v7.0 y v7.5 para Internet Information Services (IIS) procesa comandos no especificados antes de que TLS esté habilitado para una sesión, lo que permite a atacantes remotos obtener información sensible mediante la lectura de las respuestas a estos comandos. Se trata de un problema también conocido como "Vulnerabilidad de inyección de comandos FTP". • http://www.securityfocus.com/bid/56440 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15786 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 2%CPEs: 119EXPL: 0CVE-2009-4777
https://notcve.org/view.php?id=CVE-2009-4777
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to cause a denial of service ("abnormal" termination) via vectors related to the display of an "invalid GIF file." Vulnerabilidad no especificada en múltiples versiones de Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, y JP1/Cm2/SNMP System Observer, permite a atacantes remotos causar una denegación de servicio (terminación anormal)a través de vectores relacionados con la visualización de un fichero GIF no válido. • http://osvdb.org/57832 http://secunia.com/advisories/36646 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-016/index.html http://www.securityfocus.com/bid/36311 http://www.vupen.com/english/advisories/2009/2576 https://exchange.xforce.ibmcloud.com/vulnerabilities/53115 •
CVSS: 10.0EPSS: 0%CPEs: 125EXPL: 0CVE-2007-3794
https://notcve.org/view.php?id=CVE-2007-3794
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. Desbordamiento de búfer en Hitachi Cosminexus V4 hasta V7, Processing Kit para XML versiones anteriores a 20070511, Developer's Kit para Java versiones anteriores a 20070312, y productos de terceras partes que utilizan este software, permite a atacantes remotos tener un impacto desconocido mediante imágenes GIF determinadas, relativas al uso de de APIs de procesamiento de imágenes GIF por una aplicación JAVA. • http://osvdb.org/37851 http://secunia.com/advisories/26025 http://www.hitachi-support.com/security_e/vuls_e/HS07-018_e/index-e.html http://www.securityfocus.com/bid/24905 http://www.vupen.com/english/advisories/2007/2534 •
CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 1CVE-2006-1315 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)
https://notcve.org/view.php?id=CVE-2006-1315
The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability." The Server Service (SRV.SYS driver) en Microsoft Windows 2000 SP4, XP SP1 y SP2, Server de 2003 a SP1 y otros productos, permite a atacantes remotos obtener información sensible a través de una petición manipulada que filtra información en búfers SMB, lo que no está correctamente inicializado, también conocido como "SMB Information Disclosure Vulnerability (Vulnerabilidad de Revelación de Información SMB)". • https://www.exploit-db.com/exploits/2057 http://secunia.com/advisories/21007 http://securitytracker.com/id?1016467 http://www.kb.cert.org/vuls/id/333636 http://www.osvdb.org/27155 http://www.securityfocus.com/archive/1/439881/100/0/threaded http://www.securityfocus.com/bid/18891 http://www.vupen.com/english/advisories/2006/2753 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035 https://exchange.xforce.ibmcloud.com/vulnerabilities/26820 https: •
CVSS: 5.0EPSS: 19%CPEs: 67EXPL: 1CVE-2004-1305 – Microsoft Windows Kernel - '.ANI' File Parsing Crash
https://notcve.org/view.php?id=CVE-2004-1305
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. • https://www.exploit-db.com/exploits/721 http://marc.info/?l=bugtraq&m=110382854111833&w=2 http://www.kb.cert.org/vuls/id/177584 http://www.kb.cert.org/vuls/id/697136 http://www.us-cert.gov/cas/techalerts/TA05-012A.html http://www.xfocus.net/flashsky/icoExp https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/18667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.o •