Page 5 of 38 results (0.006 seconds)

CVSS: 5.0EPSS: 92%CPEs: 43EXPL: 0

Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. Dos vulnerabilidades en la Máquina Virtual de Microsoft (VM) hasta 5.0.3805 inclusive, como la usada en Internet Explorer y otras aplicaciones, permite a atacantes remotos leer ficheros mediante un applet Java con una localización falsificada en el parámetro CODEBASE de la etiqueta APPLET, posiblemente debido a un error de procesado. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A582 •

CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 10

NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation." El Agente NetDDE en sistemas Windows permite a usuarios locales ejecutar código arbitrario mediante un mensaje WM_COPYDATA usando un ataque de estilo "destrozar" (shatter) • https://www.exploit-db.com/exploits/21922 https://www.exploit-db.com/exploits/21923 https://www.exploit-db.com/exploits/21684 https://www.exploit-db.com/exploits/21685 https://www.exploit-db.com/exploits/21686 https://www.exploit-db.com/exploits/21687 https://www.exploit-db.com/exploits/21688 https://www.exploit-db.com/exploits/21689 https://www.exploit-db.com/exploits/21690 https://www.exploit-db.com/exploits/21691 http://getad.chat.ru http://www.ciac •

CVSS: 7.5EPSS: 96%CPEs: 11EXPL: 0

Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. Desbordamiento de búfer en el servicio Microsoft PPTP en Windows XP y Windows 2000 permite a atacantes remotos causar una denegación de servicio (cuelgue) y posiblemente ejecutar código arbitrario mediante un cierto paquete PPTP. • http://online.securityfocus.com/archive/1/293146 http://www.iss.net/security_center/static/10199.php http://www.securityfocus.com/bid/5807 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-063 •

CVSS: 5.0EPSS: 4%CPEs: 14EXPL: 1

The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." • http://marc.info/?l=bugtraq&m=103235745116592&w=2 http://marc.info/?l=bugtraq&m=103236181522253&w=2 http://www.iss.net/security_center/static/10120.php http://www.securityfocus.com/bid/5713 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-051 •

CVSS: 7.5EPSS: 4%CPEs: 46EXPL: 0

The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." • http://www.iss.net/security_center/static/10254.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403 •