Page 78 of 431 results (0.010 seconds)

CVSS: 5.1EPSS: 29%CPEs: 58EXPL: 3

CVE-2004-1306 – Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow

https://notcve.org/view.php?id=CVE-2004-1306

Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. El desbordamiento de búfer basado en memoria dinámica (heap) en winhlp32.exe en Windows NT, Windows 2000 a SP4, Windows XP a SP2 y Windows 2003 permite a los atacantes remotos ejecutar código arbitrario a través de un archivo.hlp diseñado. • https://www.exploit-db.com/exploits/25049 http://marc.info/?l=bugtraq&m=110383690219440&w=2 http://www.securityfocus.com/bid/12092 http://www.xfocus.net/flashsky/icoExp https://exchange.xforce.ibmcloud.com/vulnerabilities/18678 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

CVE-2004-2339

https://notcve.org/view.php?id=CVE-2004-2339

Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossed • http://archives.neohapsis.com/archives/bugtraq/2004-02/0529.html http://archives.neohapsis.com/archives/bugtraq/2004-02/0530.html http://www.securityfocus.com/archive/1/354392 http://www.securitytracker.com/id?1009128 https://exchange.xforce.ibmcloud.com/vulnerabilities/15263 •

CVSS: 5.0EPSS: 5%CPEs: 56EXPL: 1

CVE-2004-1361

https://notcve.org/view.php?id=CVE-2004-1361

Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow. • http://marc.info/?l=bugtraq&m=110383690219440&w=2 http://www.securityfocus.com/bid/12091 http://www.xfocus.net/flashsky/icoExp https://exchange.xforce.ibmcloud.com/vulnerabilities/18678 •

CVSS: 5.0EPSS: 19%CPEs: 67EXPL: 1

CVE-2004-1305 – Microsoft Windows Kernel - '.ANI' File Parsing Crash

https://notcve.org/view.php?id=CVE-2004-1305

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. • https://www.exploit-db.com/exploits/721 http://marc.info/?l=bugtraq&m=110382854111833&w=2 http://www.kb.cert.org/vuls/id/177584 http://www.kb.cert.org/vuls/id/697136 http://www.us-cert.gov/cas/techalerts/TA05-012A.html http://www.xfocus.net/flashsky/icoExp https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/18667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.o •

CVSS: 10.0EPSS: 9%CPEs: 74EXPL: 0

CVE-2004-0568

https://notcve.org/view.php?id=CVE-2004-0568

HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. La aplicación Hyperterminal de Windows NT 4.0, 2000, XP y Server 2003 no valida adecuadamente la longitud de un valor guardado en un fichero de sesión, lo que permite a atacantes remotos ejecutar código arbitrario mediante un fichero de sesión de HyperTerminal (.ht) malicioso, sitio web, o URL Telnet contenida en un mensaje de correo electrónico, disparando un desbordamiento de búfer. • http://marc.info/?l=bugtraq&m=110312618614849&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-043 https://exchange.xforce.ibmcloud.com/vulnerabilities/18336 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1603 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2545 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3138 https://oval.cisecurity.org/repository/search •