Page 5 of 26 results (0.008 seconds)

CVSS: 7.5EPSS: 10%CPEs: 49EXPL: 0

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. El desbordamiento de búfer en Microsoft Step-by-Step Interactive Training (orun32.exe) permite a los atacantes remotos ejecutar código arbitrario a través de un archivo de enlace de marcadores (extensión.cbo, cbl o.cbm) con un campo de usuario largo. • http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true http://secunia.com/advisories/15669 http://securitytracker.com/id?1014194 http://www.securityfocus.com/bid/13944 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224 •

CVSS: 10.0EPSS: 43%CPEs: 37EXPL: 0

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. • http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.html http://secunia.com/advisories/15683 http://www.kb.cert.org/vuls/id/851869 http://www.securityfocus.com/bid/13953 http://www.us-cert.gov/cas/techalerts/TA05-165A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef&# •

CVSS: 7.5EPSS: 83%CPEs: 12EXPL: 1

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue. • http://www.phreedom.org/solar/exploits/msasn1-bitstring https://exchange.xforce.ibmcloud.com/vulnerabilities/20870 •

CVSS: 7.5EPSS: 90%CPEs: 6EXPL: 1

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." • https://www.exploit-db.com/exploits/733 http://secunia.com/advisories/13466 http://securitytracker.com/id?1012517 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.kb.cert.org/vuls/id/378160 http://www.osvdb.org/12370 http://www.securityfocus.com/bid/11922 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 •

CVSS: 10.0EPSS: 81%CPEs: 4EXPL: 2

Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation. Desbordamiento de enteros en DUNZIP32.DLL de Microsoft Windows XP, Windows XP edición de 64 bits, Windows Server 2003, y Windows Server 2003 edición de 64 bits permite a atacantes remotos ejecutar código de su elección mediante carpetas comprimidas ("zipeadas") que envuelven un "búfer no comprobado" y una validación de longitud inapropiada. • https://www.exploit-db.com/exploits/677 https://www.exploit-db.com/exploits/640 http://marc.info/?l=ntbugtraq&m=109767342326300&w=2 http://securitytracker.com/id?1011637 http://www.ciac.org/ciac/bulletins/p-010.shtml http://www.eeye.com/html/research/advisories/AD20041012A.html http://www.kb.cert.org/vuls/id/649374 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-034 https://exchange.xforce.ibmcloud.com/vulnerabilities/17624 https://exchange •