Page 6 of 70 results (0.007 seconds)

CVSS: 7.5EPSS: 93%CPEs: 21EXPL: 1

CVE-2005-0063 – Microsoft Windows - 'HTA' Script Execution (MS05-016)

https://notcve.org/view.php?id=CVE-2005-0063

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. • https://www.exploit-db.com/exploits/938 http://marc.info/?l=bugtraq&m=111755356016155&w=2 http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities http://www.securiteam.com/exploits/5YP0T0AFFW.html http://www.securityfocus.com/bid/13132 http://www.vupen.com/english/advisories/2005/0335 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184 https:// •

CVSS: 5.0EPSS: 96%CPEs: 14EXPL: 3

CVE-2004-0790 – Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)

https://notcve.org/view.php?id=CVE-2004-0790

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. • https://www.exploit-db.com/exploits/948 https://www.exploit-db.com/exploits/25389 https://www.exploit-db.com/exploits/942 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt http://marc.info/?l=bugtraq&m=112861397904255&w=2 http://secunia.com/advisories/18317 http://secunia.com/advisories/22341 http://securityreason.com/securityalert/19 http://securityreason.com/securityalert/57 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1 htt •

CVSS: 7.5EPSS: 88%CPEs: 55EXPL: 3

CVE-2005-0416 – Microsoft Internet Explorer - '.ANI' Downloader (MS05-002)

https://notcve.org/view.php?id=CVE-2005-0416

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. La capacidad de Cursor Animado de Windows (archivos .ANI) de Windows NT, Windows 2000 hasta SP4, Windows XP hasta SP1, y Windows 2003 permite a atacantes remotos ejecutar código de su elección mediante el campo de longitud AnimationHeaderBlock, lo que conduce a un desbordamiento de búfer basado en la pila. • https://www.exploit-db.com/exploits/771 https://www.exploit-db.com/exploits/765 http://eeye.com/html/research/advisories/AD20050111.html http://marc.info/?l=bugtraq&m=110547079218397&w=2 http://marc.info/?l=bugtraq&m=110556975827760&w=2 http://www.securityfocus.com/bid/12233 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/18879 •

CVSS: 7.5EPSS: 79%CPEs: 24EXPL: 0

CVE-2005-0057

https://notcve.org/view.php?id=CVE-2005-0057

The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow. La biblioteca de objetos Hyperlink para Windows 98, 2000, XP y Server 2003 permite a los atacantes remotos ejecutar código arbitrario a través de un enlace diseñado que activa un "buffer no controlado" en la biblioteca, posiblemente debido a un desbordamiento del buffer. • http://secunia.com/advisories/14195 http://securitytracker.com/id?1013119 http://www.kb.cert.org/vuls/id/820427 http://www.securityfocus.com/bid/12479 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/19110 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570 https://oval.cisecurity.org/repository/search/definition •

CVSS: 7.5EPSS: 49%CPEs: 25EXPL: 0

CVE-2005-0044

https://notcve.org/view.php?id=CVE-2005-0044

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." • http://www.kb.cert.org/vuls/id/927889 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 https://exchange.xforce.ibmcloud.com/vulnerabilities/19109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1180 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2917 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35 •