CVSS: 9.3EPSS: 79%CPEs: 86EXPL: 0CVE-2006-0010
https://notcve.org/view.php?id=CVE-2006-0010
Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Desbordamiento de búfer basado en memoria dinámica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versión SP1, Windows 98 y Windows ME permite a atacantes remotos ejecutar código arbitrario a través de un mensajes de correo electrónico o una página web con una fuente web Embedded Open Type (EOT) manipulada que desencadena el desbordamiento durante la descompresión. • http://seclists.org/fulldisclosure/2006/Jan/363 http://secunia.com/advisories/18311 http://secunia.com/advisories/18365 http://secunia.com/advisories/18391 http://securitytracker.com/id?1015459 http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html http://www.kb.cert.org/vuls/id/915930 http://www.osvdb.org/18829 http://www.securityfocus.com/archive/1/421885/100/0/threaded http://www.securityfocus.com& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 94%CPEs: 30EXPL: 2CVE-2006-0143 – Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-0143
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. • https://www.exploit-db.com/exploits/27051 http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html http://securitytracker.com/id?1015453 http://www.securityfocus.com/archive/1/421257/100/0/threaded http://www.securityfocus.com/archive/1/421258/100/0/threaded http://www.securityfocus.com/bid/16167 http://www.vupen.com/english/advisories/2006/0115 https://exchange.xforce.ibmcloud.com/vulnerabiliti • CWE-399: Resource Management Errors •
CVSS: 7.6EPSS: 96%CPEs: 9EXPL: 2CVE-2005-2124 – Microsoft Windows Metafile - 'gdi32.dll' Denial of Service (MS05-053)
https://notcve.org/view.php?id=CVE-2005-2124
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability." • https://www.exploit-db.com/exploits/1343 https://www.exploit-db.com/exploits/1346 http://secunia.com/advisories/17223 http://secunia.com/advisories/17461 http://secunia.com/advisories/17498 http://securityreason.com/securityalert/161 http://securitytracker.com/id?1015168 http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf http://www.eeye.com/html/research/advisories/AD20051108a.html http://www.eeye.com/html/research/advisories/AD20051108b.html http://www.kb.cert.org&#x •
CVSS: 7.5EPSS: 39%CPEs: 9EXPL: 1CVE-2005-2123 – Microsoft Windows Metafile - 'mtNoObjects' Denial of Service (MS05-053)
https://notcve.org/view.php?id=CVE-2005-2123
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord. • https://www.exploit-db.com/exploits/1346 http://secunia.com/advisories/17223 http://secunia.com/advisories/17461 http://secunia.com/advisories/17498 http://securitytracker.com/id?1015168 http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf http://www.eeye.com/html/research/advisories/AD20051108b.html http://www.kb.cert.org/vuls/id/300549 http://www.securityfocus.com/bid/15352 http://www.us-cert.gov/cas/techalerts/TA05-312A.html http://www.vupen.com/english& •
CVSS: 7.5EPSS: 75%CPEs: 9EXPL: 1CVE-2005-1978 – Microsoft Windows - DTC Remote (MS05-051)
https://notcve.org/view.php?id=CVE-2005-1978
COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. • https://www.exploit-db.com/exploits/1352 http://secunia.com/advisories/17161 http://secunia.com/advisories/17172 http://secunia.com/advisories/17223 http://secunia.com/advisories/17509 http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf http://www.kb.cert.org/vuls/id/950516 http://www.securityfocus.com/bid/15057 http://www.us-cert.gov/cas/techalerts/TA05-284A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-051 https://ov •