CVSS: 5.0EPSS: 23%CPEs: 8EXPL: 4CVE-2005-1191 – Microsoft Windows 98/2000 Explorer - Preview Pane Script Injection
https://notcve.org/view.php?id=CVE-2005-1191
The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file. • https://www.exploit-db.com/exploits/25454 http://security.greymagic.com/security/advisories/gm015-ie http://www.securityfocus.com/archive/1/396224 http://www.securityfocus.com/bid/13248 http://www.vupen.com/english/advisories/2005/0509 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-024 https://exchange.xforce.ibmcloud.com/vulnerabilities/20380 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3585 •
CVSS: 7.5EPSS: 92%CPEs: 21EXPL: 1CVE-2005-0063 – Microsoft Windows - 'HTA' Script Execution (MS05-016)
https://notcve.org/view.php?id=CVE-2005-0063
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. • https://www.exploit-db.com/exploits/938 http://marc.info/?l=bugtraq&m=111755356016155&w=2 http://www.idefense.com/application/poi/display?id=231&type=vulnerabilities http://www.securiteam.com/exploits/5YP0T0AFFW.html http://www.securityfocus.com/bid/13132 http://www.vupen.com/english/advisories/2005/0335 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184 https:// •
CVSS: 7.2EPSS: 0%CPEs: 23EXPL: 0CVE-2005-0061
https://notcve.org/view.php?id=CVE-2005-0061
The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests. El kernel de Microsoft Windows 2000, Windows XP SP1 y SP2, y Windows Server 2003 permite a los usuarios locales obtener privilegios a través de determinadas solicitudes de acceso. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593 •
CVSS: 7.2EPSS: 0%CPEs: 24EXPL: 0CVE-2005-0060
https://notcve.org/view.php?id=CVE-2005-0060
Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application. El desbordamiento del búfer en el componente de procesamiento de fuentes de Microsoft Windows 2000, Windows XP SP1 y SP2, y Windows Server 2003 permite a los usuarios locales obtener privilegios a través de una aplicación especialmente diseñada. • http://marc.info/?l=bugtraq&m=111343529426926&w=2 http://www.ngssoftware.com/advisories/ms-01.txt https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2562 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3941 https://oval.cisecurity.org/repository/search/defin •
CVSS: 5.0EPSS: 96%CPEs: 14EXPL: 3CVE-2004-0790 – Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)
https://notcve.org/view.php?id=CVE-2004-0790
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. • https://www.exploit-db.com/exploits/948 https://www.exploit-db.com/exploits/25389 https://www.exploit-db.com/exploits/942 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt http://marc.info/?l=bugtraq&m=112861397904255&w=2 http://secunia.com/advisories/18317 http://secunia.com/advisories/22341 http://securityreason.com/securityalert/19 http://securityreason.com/securityalert/57 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1 htt •