CVSS: 7.5EPSS: 94%CPEs: 30EXPL: 2CVE-2006-0143 – Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-0143
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. • https://www.exploit-db.com/exploits/27051 http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html http://securitytracker.com/id?1015453 http://www.securityfocus.com/archive/1/421257/100/0/threaded http://www.securityfocus.com/archive/1/421258/100/0/threaded http://www.securityfocus.com/bid/16167 http://www.vupen.com/english/advisories/2006/0115 https://exchange.xforce.ibmcloud.com/vulnerabiliti • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 97%CPEs: 16EXPL: 5CVE-2005-4560 – Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
https://notcve.org/view.php?id=CVE-2005-4560
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com. • https://www.exploit-db.com/exploits/16612 http://linuxbox.org/pipermail/funsec/2006-January/002455.html http://secunia.com/advisories/18255 http://secunia.com/advisories/18311 http://secunia.com/advisories/18364 http://secunia.com/advisories/18415 http://securitytracker.com/id?1015416 http://support.avaya.com/elmodocs2/security/ASA-2006-001.htm http://vil.mcafeesecurity.com/vil/content/v_137760.htm http://www.f-secure.com/weblog/archives/archive-122005.html#00000753 http:// • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 21EXPL: 2CVE-2005-3981 – Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service
https://notcve.org/view.php?id=CVE-2005-3981
NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE • https://www.exploit-db.com/exploits/26690 http://www.securityfocus.com/archive/1/418289/100/0/threaded http://www.securityfocus.com/archive/1/418431/100/0/threaded http://www.securityfocus.com/bid/15671 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2005-3945
https://notcve.org/view.php?id=CVE-2005-3945
The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups. • http://www.securityfocus.com/archive/1/417952/100/0/threaded http://www.securityfocus.com/bid/15613 •
CVSS: 5.0EPSS: 22%CPEs: 24EXPL: 1CVE-2005-1218 – Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service
https://notcve.org/view.php?id=CVE-2005-1218
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. • https://www.exploit-db.com/exploits/1143 http://marc.info/?l=bugtraq&m=112146383919436&w=2 http://security-protocols.com/modules.php?name=News&file=article&sid=2783 http://www.kb.cert.org/vuls/id/490628 http://www.microsoft.com/technet/security/advisory/904797.mspx http://www.securityfocus.com/bid/14259 http://www.us-cert.gov/cas/techalerts/TA05-221A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-041 https://oval.cisecurity.org/reposito •