NotCVE - vendor:"Microsoft" product:"Windows" version:"xp"

Page 7 of 39 results (0.009 seconds)

CVSS: 7.1EPSS: 87%CPEs: 10EXPL: 0

CVE-2008-1445

https://notcve.org/view.php?id=CVE-2008-1445

Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request. Active Directory en Microsoft Windows 2000 Server SP4, XP Professional SP2 y SP3, Server 2003 SP1 y SP2, y Server 2008 permite a usuarios autenticados causar una denegación de servicio (caída del sistema o reinicio) a través de una petición LDAP manipulada. • http://secunia.com/advisories/30586 http://securitytracker.com/id?1020229 http://www.securityfocus.com/archive/1/493338/100/0/threaded http://www.securityfocus.com/archive/1/493342/100/0/threaded http://www.securityfocus.com/bid/29584 http://www.us-cert.gov/cas/techalerts/TA08-162B.html http://www.vupen.com/english/advisories/2008/1782 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-035 https://oval.cisecurity.org/repository/search/definition/oval% • CWE-20: Improper Input Validation •

CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2008-1453

https://notcve.org/view.php?id=CVE-2008-1453

The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets. La pila Bluetooth en Microsoft Windows XP SP2 y SP3, y Vista Gold y SP1 permite a atacantes fisicamente próximos ejecutar código de su elección a través de una larga serie de paquetes Service Discovery Protocol (SDP). • http://secunia.com/advisories/30051 http://securitytracker.com/id?1020221 http://www.securityfocus.com/bid/29522 http://www.us-cert.gov/cas/techalerts/TA08-162B.html http://www.vupen.com/english/advisories/2008/1777 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4730 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 91%CPEs: 20EXPL: 0

CVE-2008-1444 – Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2008-1444

Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability." Desbordamiento de búfer basado en pila en Microsoft DirectX 7.0 y 8.1 o en Windows 2000 SP4 permite a atacantes remotos ejecutar código de su elección a través de un archivo Synchronized Accessible Media Interchange (SAMI) con parámetros manipulados para una variable Class Name, también conocida como la "Vulnerabilidad SAMI Format Parsing" This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of SAMI files. When handling the properties of a "Class Name" variable a lack of bounds checking can result in a stack overflow. Successful exploitation can lead to remote code execution under the credentials of the logged in user. • http://marc.info/?l=bugtraq&m=121380194923597&w=2 http://secunia.com/advisories/30579 http://securityreason.com/securityalert/3937 http://securitytracker.com/id?1020223 http://www.securityfocus.com/archive/1/493250/100/0/threaded http://www.securityfocus.com/bid/29578 http://www.us-cert.gov/cas/techalerts/TA08-162B.html http://www.vupen.com/english/advisories/2008/1780 http://www.zerodayinitiative.com/advisories/ZDI-08-040 https://docs.microsoft.com/en-us/security-updates&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 2

CVE-2008-1471 – Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption

https://notcve.org/view.php?id=CVE-2008-1471

The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory. El dispositivo cpoint.sys driver en Panda Internet Security 2008 y Antivirus+ Firewall 2008 permite a usuarios locales provocar una denegación de servicio (caída del sistema o kernel panic), sobrescribir memoria o ejecutar código de su elección a través de una petición IOCTL manipulada que dispara una escritura en memoria fuera de límite. • https://www.exploit-db.com/exploits/31363 http://secunia.com/advisories/29311 http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp http://www.securityfocus.com/archive/1/489292/100/0/threaded http://www.securityfocus.com/bid/28150 http://www.securitytracker.com/id?1019568 http://www.trapkit.de/advisories/TKADV2008-001.txt http://www.vupen.com/english/advisories/2008/0 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 62%CPEs: 6EXPL: 0

CVE-2007-0025

https://notcve.org/view.php?id=CVE-2007-0025

The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a stack-based buffer overflow in the AfxOleSetEditMenu function in MFC42u.dll. El componente MFC en Microsoft Windows 2000 SP4, XP SP2 y 2003 SP1 y Visual Studio .NET 2000, 2002 SP1, 2003 y 2003 SP1 permite a atacantes remotos asistidos por usuario ejecutar código arbitrario a través de un archivo RTF con un objeto OLE mal formado que desencadena corrupción de memoria. NOTA: esto podría ser debido a un desbordamiento de buffer basado en pila en la función AfxOleSetEditMenu en MFC42u.dll. • http://secunia.com/advisories/24150 http://www.kb.cert.org/vuls/id/932041 http://www.osvdb.org/31887 http://www.securityfocus.com/bid/22476 http://www.securitytracker.com/id?1017638 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0581 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A157 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

1...5 6 7 8