
CVSS: 7.5 | EPSS: 10% | CPEs: 49 | EXPL: 0

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, .cbl, or .cbm extension) with a long User field.
• http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true
• http://secunia.com/advisories/15669
• http://securitytracker.com/id?1014194
• http://www.securityfocus.com/bid/13944
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224

CVSS: 10.0 | EPSS: 43% | CPEs: 37 | EXPL: 0

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
• http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.html
• http://secunia.com/advisories/15683
• http://www.kb.cert.org/vuls/id/851869
• http://www.securityfocus.com/bid/13953
• http://www.us-cert.gov/cas/techalerts/TA05-165A.html
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-026
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1057
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef&#

CVSS: 5.0 | EPSS: 23% | CPEs: 8 | EXPL: 4

The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file.
• https://www.exploit-db.com/exploits/25454
• http://security.greymagic.com/security/advisories/gm015-ie
• http://www.securityfocus.com/archive/1/396224
• http://www.securityfocus.com/bid/13248
• http://www.vupen.com/english/advisories/2005/0509
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-024
• https://exchange.xforce.ibmcloud.com/vulnerabilities/20380
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3585

CVSS: 10.0 | EPSS: 96% | CPEs: 17 | EXPL: 2

Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
• https://www.exploit-db.com/exploits/16747
• https://www.exploit-db.com/exploits/1075
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-017
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4384
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4988

CVSS: 7.5 | EPSS: 92% | CPEs: 21 | EXPL: 1

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.
• https://www.exploit-db.com/exploits/938
• http://marc.info/?l=bugtraq&m=111755356016155&w=2
• http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities
• http://www.securiteam.com/exploits/5YP0T0AFFW.html
• http://www.securityfocus.com/bid/13132
• http://www.vupen.com/english/advisories/2005/0335
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184
• https://