CVSS: 9.3EPSS: 6%CPEs: 8EXPL: 1CVE-2006-0020
https://notcve.org/view.php?id=CVE-2006-0020
An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability." • http://linuxbox.org/pipermail/funsec/2006-January/002828.html http://secunia.com/advisories/18729 http://secunia.com/advisories/18912 http://www.kb.cert.org/vuls/id/312956 http://www.microsoft.com/technet/security/advisory/913333.mspx http://www.osvdb.org/22976 http://www.securityfocus.com/bid/16516 http://www.us-cert.gov/cas/techalerts/TA06-045A.html http://www.vupen.com/english/advisories/2006/0469 https://docs.microsoft.com/en-us/security-updates/securitybulletins/200 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 94%CPEs: 30EXPL: 2CVE-2006-0143 – Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-0143
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. • https://www.exploit-db.com/exploits/27051 http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html http://securitytracker.com/id?1015453 http://www.securityfocus.com/archive/1/421257/100/0/threaded http://www.securityfocus.com/archive/1/421258/100/0/threaded http://www.securityfocus.com/bid/16167 http://www.vupen.com/english/advisories/2006/0115 https://exchange.xforce.ibmcloud.com/vulnerabiliti • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 4%CPEs: 6EXPL: 1CVE-2005-0058 – Microsoft Windows - Telephony Service Command Execution (MS05-040)
https://notcve.org/view.php?id=CVE-2005-0058
Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message. • https://www.exploit-db.com/exploits/1584 http://secunia.com/advisories/16354 http://securitytracker.com/id?1014639 http://www.securityfocus.com/bid/14518 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •
CVSS: 7.2EPSS: 0%CPEs: 34EXPL: 0CVE-2005-2388
https://notcve.org/view.php?id=CVE-2005-2388
Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. Desbordamiento de búfer en cierto driver USB, usado en Windows, permite que atacantes ejecuten código arbitrario. • http://secunia.com/advisories/16210 http://securitytracker.com/id?1014566 http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp http://www.osvdb.org/18493 http://www.securityfocus.com/bid/14376 https://exchange.xforce.ibmcloud.com/vulnerabilities/21539 •
CVSS: 5.1EPSS: 15%CPEs: 49EXPL: 0CVE-2005-1214
https://notcve.org/view.php?id=CVE-2005-1214
Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. Microsoft Agent permite a los atacantes remotos falsificar contenido de Internet de confianza y ejecutar código arbitrario disfrazando las indicaciones de seguridad en una página web maliciosa. • http://secunia.com/advisories/15689 http://www.securityfocus.com/bid/13948 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1194 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A682 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A906 •