CVSS: 10.0EPSS: 59%CPEs: 2EXPL: 0CVE-2004-0897
https://notcve.org/view.php?id=CVE-2004-0897
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. • http://secunia.com/advisories/13802 http://securitytracker.com/id?1012833 http://www.ciac.org/ciac/bulletins/p-095.shtml http://www.kb.cert.org/vuls/id/657118 http://www.securityfocus.com/bid/12228 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-003 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2447 •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 1CVE-2004-2365
https://notcve.org/view.php?id=CVE-2004-2365
Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount. • http://archives.neohapsis.com/archives/bugtraq/2004-02/0119.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15057 •
CVSS: 5.1EPSS: 96%CPEs: 9EXPL: 1CVE-2004-1049
https://notcve.org/view.php?id=CVE-2004-1049
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." • http://marc.info/?l=bugtraq&m=110382891718076&w=2 http://secunia.com/advisories/13645 http://securitytracker.com/id?1012684 http://www.ciac.org/ciac/bulletins/p-094.shtml http://www.kb.cert.org/vuls/id/625856 http://www.osvdb.org/12623 http://www.securityfocus.com/bid/12095 http://www.us-cert.gov/cas/techalerts/TA05-012A.html http://www.xfocus.net/flashsky/icoExp/index.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 https •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 2CVE-2004-2527
https://notcve.org/view.php?id=CVE-2004-2527
The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running. • http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1313.html http://securitytracker.com/id?1010836 http://www.osvdb.org/8368 https://exchange.xforce.ibmcloud.com/vulnerabilities/16851 •
CVSS: 7.5EPSS: 90%CPEs: 6EXPL: 1CVE-2004-0567 – Microsoft Windows Server 2000 - WINS Remote Code Execution
https://notcve.org/view.php?id=CVE-2004-0567
The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." • https://www.exploit-db.com/exploits/733 http://secunia.com/advisories/13466 http://securitytracker.com/id?1012517 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.kb.cert.org/vuls/id/378160 http://www.osvdb.org/12370 http://www.securityfocus.com/bid/11922 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 •