CVSS: 7.8EPSS: 1%CPEs: 26EXPL: 1CVE-2004-0894 – Microsoft Windows - Improper Token Validation Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0894
15 Dec 2004 — LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program. El Servicio del Subsistema de la Autoridad de Seguridad Local (LSASS) de Windows 2000 Server and Windows Server 2003 no valida adecuadamente la información de conexión, lo que permite a usuarios locales ganar privilegios mediante un programa especialmente diseñado. • https://www.exploit-db.com/exploits/749 •
CVSS: 10.0EPSS: 26%CPEs: 51EXPL: 0CVE-2004-0901
https://notcve.org/view.php?id=CVE-2004-0901
15 Dec 2004 — Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. El Convertidor de Microsoft Word para Windows 6.0 no valida adecuadamente ciertas longitudes de datos, lo que permite a atacantes remotos ejecutar código de su elección mediante ... • http://www.ciac.org/ciac/bulletins/p-055.shtml •
CVSS: 8.1EPSS: 34%CPEs: 27EXPL: 2CVE-2004-1319
https://notcve.org/view.php?id=CVE-2004-1319
15 Dec 2004 — The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. • http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html •
CVSS: 10.0EPSS: 89%CPEs: 37EXPL: 2CVE-2004-1080 – Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045)
https://notcve.org/view.php?id=CVE-2004-1080
01 Dec 2004 — The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." El servicio WINS (wins.exe) de Microsoft Windows NT Server 4.0, Windows 2000 Server y Windows Server 2003 permite a atacantes remotos escribir localizaciones de memoria arbitrarias y p... • https://www.exploit-db.com/exploits/909 •
CVSS: 5.0EPSS: 38%CPEs: 46EXPL: 1CVE-2004-0839
https://notcve.org/view.php?id=CVE-2004-0839
18 Aug 2004 — Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". • http://marc.info/?l=bugtraq&m=109303291513335&w=2 •
CVSS: 10.0EPSS: 38%CPEs: 54EXPL: 0CVE-2004-0201
https://notcve.org/view.php?id=CVE-2004-0201
14 Jul 2004 — Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. Vulnerabilidad basada en el montón en el programa HtmlHelp (hh.exe) en ayuda HTML de Microsoft Windows 98, Me, NT, 4.0, 2000, XP y Server 2003 permite a atacantes remotos ejecutar órdenes de su elección mediante un fichero .CHML con... • http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023919.html •
CVSS: 7.5EPSS: 29%CPEs: 28EXPL: 0CVE-2004-0202
https://notcve.org/view.php?id=CVE-2004-0202
11 Jun 2004 — IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. El interfaz de programación de aplicación (API) IDirectPlay de Microsoft DirectPlay 7.0a a 9.0b, usado en Windows Server 2003 y anteriores, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante un paquete malformado. • http://secunia.com/advisories/11802 •
CVSS: 9.8EPSS: 40%CPEs: 13EXPL: 1CVE-2004-0199
https://notcve.org/view.php?id=CVE-2004-0199
14 May 2004 — Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm). El Centro de Ayuda y Soporte en Windows XP y Windows Server 2003 SP1 no valida adecuadamente URLs HCP, lo que permite a atancantes remotos ejecutar código arbitrario, como se ha demostrado usando ciertas URLs hcp:// que acceden a la capacidad de... • http://marc.info/?l=bugtraq&m=108437759930820&w=2 •
CVSS: 9.8EPSS: 46%CPEs: 34EXPL: 0CVE-2003-0825
https://notcve.org/view.php?id=CVE-2003-0825
03 Mar 2004 — The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. El Servicio de Nombres de Internet de Windows (WINS) en Microsoft Windows Server 2003, y posiblemente Windows NT y Server 2000 no valida adecuadamente la longitud de ciertos paquetes, lo que permite a ciertos paquetes causar una denegación de ser... • http://www.ciac.org/ciac/bulletins/o-077.shtml • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 89%CPEs: 38EXPL: 3CVE-2003-0818 – Microsoft Windows - ASN.1 'LSASS.exe' Remote Denial of Service (MS04-007)
https://notcve.org/view.php?id=CVE-2003-0818
11 Feb 2004 — Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. Múltiples desbordamientos de enteros en la librería ASN.1 de Microsoft (MSASN1.DLL), usada en LSASS.EXE, CRYPT32.DLL, y otros ejecutables de Mic... • https://www.exploit-db.com/exploits/153 •