Page 62 of 637 results (0.009 seconds)

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 4

CVE-2006-5758 – Microsoft Windows - GDI Privilege Escalation (MS07-017)

https://notcve.org/view.php?id=CVE-2006-5758

The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures. El Graphics Rendering Engine en Microsoft Windows 2000 hasta 2000 SP4 y Windows XP hasta SP2 mapea estructuras del núcleo GDI en una sección de memoria global compartida que está mapeada con permisos de sólo lectura, pero puede ser remapeada por otros procesos como lectura-escritura, lo cual permite a usuarios locales provocar una denegación de servicio (corrupción de memoria y caída) y ganar privilegios modificando las estructuras del núcleo. • https://www.exploit-db.com/exploits/3688 https://www.exploit-db.com/exploits/3755 https://www.exploit-db.com/exploits/3804 http://kernelwars.blogspot.com/2007/01/alive.html http://projects.info-pull.com/mokb/MOKB-06-11-2006.html http://secunia.com/advisories/22668 http://securitytracker.com/id?1017168 http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson http://www.securityfocus.com/archive/1/466186/100/200/threaded http://www.securityfocus.com& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 96%CPEs: 13EXPL: 3

CVE-2006-5559 – Microsoft Internet Explorer - ADODB Execute Denial of Service (PoC)

https://notcve.org/view.php?id=CVE-2006-5559

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments. El objeto de control ActiveX ADODB.Connection 2.7 (ADODB.Connection.2.7) permite a atacantes remotos provocar una denegación de servicio (caída de Internet Explorer) mediante argumentos largos para la función Execute. • https://www.exploit-db.com/exploits/2629 http://blogs.technet.com/msrc/archive/2006/10/27/adodb-connection-poc-published.aspx http://research.eeye.com/html/alerts/zeroday/20061027.html http://secunia.com/advisories/22452 http://securitytracker.com/id?1017127 http://www.kb.cert.org/vuls/id/589272 http://www.osvdb.org/31882 http://www.securityfocus.com/bid/20704 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0578 • CWE-20: Improper Input Validation •

CVSS: 9.0EPSS: 97%CPEs: 6EXPL: 0

CVE-2006-4696

https://notcve.org/view.php?id=CVE-2006-4696

Unspecified vulnerability in the Server service in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to execute arbitrary code via a crafted packet, aka "SMB Rename Vulnerability." Vulnerabilidad no especificada en el servicio Server en Microsoft Windows 2000 SP4, Server 2003 SP1 y anteriores, y XP SP2 y anteriores permite a atacantes remotos ejecutar código de su elección mediante un paquete artesanal, también conocido como "Vulnerabilidad de Renombramiento SMB". • http://securitytracker.com/id?1017035 http://www.kb.cert.org/vuls/id/820628 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20373 http://www.vupen.com/english/advisories/2006/3982 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-063 https://exchange.xforce.ibmcloud.com/vulnerabilities/29373 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 23%CPEs: 13EXPL: 4

CVE-2006-4868 – Microsoft Internet Explorer (Windows XP SP2) - 'VML' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2006-4868

Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag. Desbordamiento de búfer basado en el motor Vector Graphics Rendering (vgx.dll), tal y como se usa en Microsoft Outlook e Internet Explorer 6.0 en Windows XP SP2 y posiblemente otras versiones permite a atacantes remotos ejecutar código de su elección mediante un fichero Vector Markup Language (VML) con un parámetro "fill" largo dentro de una etiqueta "rect". • https://www.exploit-db.com/exploits/2425 https://www.exploit-db.com/exploits/16597 https://www.exploit-db.com/exploits/2426 http://blogs.securiteam.com/index.php/archives/624 http://secunia.com/advisories/21989 http://securitytracker.com/id?1016879 http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html http://support.microsoft.com/kb/925486 http://www.kb.cert.org/vuls/id/416092 http://www.microsoft.com/technet/security/advisory/925568.mspx ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 16%CPEs: 10EXPL: 0

CVE-2006-3873

https://notcve.org/view.php?id=CVE-2006-3873

Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the target of an HTTP redirect, due to an incomplete fix for CVE-2006-3869. Desbordamiento de búfer basado en montón en URLMON.DLL en Microsoft Internet Explorer 6 SP1 sobre Windows 2000 y XP SP1, con versiones del parche MS06-042 anterior a 12/09/2006, permite a un atacante remoto provocar denegación de servicio(caida) o ejecutar código de su elección a través de una URL grande en un sitio web GZIP-codificado que fue el objetivo de una redirección HTTP, debido a un arreglo incompleto del CVE-2006-3869. • http://research.eeye.com/html/advisories/published/AD20060912.html http://securityreason.com/securityalert/1555 http://securitytracker.com/id?1016839 http://weblog.infoworld.com/techwatch/archives/007870.html http://www.osvdb.org/30834 http://www.securityfocus.com/archive/1/445835/100/0/threaded http://www.securityfocus.com/bid/19987 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042 https://exchange.xforce.ibmcloud.com/vulnerabilities/28893 •