Page 66 of 431 results (0.012 seconds)

CVSS: 7.2EPSS: 0%CPEs: 25EXPL: 0

The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. • http://secunia.com/advisories/18859 http://securitytracker.com/id?1015631 http://www.kb.cert.org/vuls/id/739844 http://www.ryanstyle.com/alert/my/5/ms06_009_eng.html http://www.securityfocus.com/archive/1/425141/100/0/threaded http://www.securityfocus.com/bid/16643 http://www.vupen.com/english/advisories/2006/0578 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/24492 https://oval.cisec • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.5EPSS: 94%CPEs: 18EXPL: 0

Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207. • http://secunia.com/advisories/18857 http://securitytracker.com/id?1015630 http://www.kb.cert.org/vuls/id/388900 http://www.securityfocus.com/bid/16636 http://www.vupen.com/english/advisories/2006/0577 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-008 https://exchange.xforce.ibmcloud.com/vulnerabilities/24491 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1220 https://oval.cisecurity.org/repository/search/definition/oval% •

CVSS: 7.8EPSS: 94%CPEs: 24EXPL: 2

Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability." • https://www.exploit-db.com/exploits/1599 https://www.exploit-db.com/exploits/1603 http://secunia.com/advisories/18853 http://securitytracker.com/id?1015629 http://www.kb.cert.org/vuls/id/839284 http://www.securiteam.com/exploits/5PP0T0KI0O.html http://www.securityfocus.com/archive/1/482658/30/4350/threaded http://www.securityfocus.com/bid/16645 http://www.us-cert.gov/cas/techalerts/TA06-045A.html http://www.vupen.com/english/advisories/2006/0576 https://docs. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm. • http://www.securityfocus.com/archive/1/423169/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/24471 •

CVSS: 7.5EPSS: 29%CPEs: 6EXPL: 0

The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place. • http://securityreason.com/securityalert/349 http://securitytracker.com/id?1015489 http://www.nmrc.org/pub/advise/20060114.txt http://www.securiteam.com/windowsntfocus/5YP0D2KHHO.html http://www.securityfocus.com/archive/1/421868/100/0/threaded http://www.theta44.org/karma https://exchange.xforce.ibmcloud.com/vulnerabilities/24157 •