CVE-2006-0143 – Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-0143
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.
• https://www.exploit-db.com/exploits/27051
• http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx
• http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html
• http://securitytracker.com/id?1015453
• http://www.securityfocus.com/archive/1/421257/100/0/threaded
• http://www.securityfocus.com/archive/1/421258/100/0/threaded
• http://www.securityfocus.com/bid/16167
• http://www.vupen.com/english/advisories/2006/0115
• https://exchange.xforce.ibmcloud.com/vulnerabiliti
• CWE-399: Resource Management Errors
CVE-2005-4717 – Microsoft Internet Explorer 6 - Malformed HTML Parsing Denial of Service
https://notcve.org/view.php?id=CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.
• https://www.exploit-db.com/exploits/26457
• http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0673.html
• http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0127.html
• http://www.securityfocus.com/bid/15268
CVE-2005-2827 – Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation (MS05-055)
https://notcve.org/view.php?id=CVE-2005-2827
The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."
• https://www.exploit-db.com/exploits/1407
• http://secunia.com/advisories/15821
• http://secunia.com/advisories/18064
• http://secunia.com/advisories/18311
• http://securityreason.com/securityalert/252
• http://securitytracker.com/id?1015347
• http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf
• http://www.eeye.com/html/research/advisories/AD20051213.html
• http://www.osvdb.org/18823
• http://www.securityfocus.com/archive/1/419377/100/0/threaded
• http://www.securityfocus.com/bid/15826
CVE-2005-3981 – Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service
https://notcve.org/view.php?id=CVE-2005-3981
NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE.
• https://www.exploit-db.com/exploits/26690
• http://www.securityfocus.com/archive/1/418289/100/0/threaded
• http://www.securityfocus.com/archive/1/418431/100/0/threaded
• http://www.securityfocus.com/bid/15671
CVE-2005-3945
https://notcve.org/view.php?id=CVE-2005-3945
The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups.
• http://www.securityfocus.com/archive/1/417952/100/0/threaded
• http://www.securityfocus.com/bid/15613