CVSS: 9.3EPSS: 89%CPEs: 10EXPL: 0CVE-2006-1311
https://notcve.org/view.php?id=CVE-2006-1311
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption. El componente RichEdit en Microsoft Windows 2000 SP4, XP SP2, y 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, y Office 2004 para Mac; y Learning Essentials para Microsoft Office 1.0, 1.1, y 1.5 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un objeto OLE mal formado en un fichero RTF, lo cual provoca una corrupción de memoria. • http://secunia.com/advisories/24152 http://www.kb.cert.org/vuls/id/368132 http://www.osvdb.org/31886 http://www.securityfocus.com/bid/21876 http://www.securitytracker.com/id?1017640 http://www.securitytracker.com/id?1017641 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0582 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/30592 https:/ •
CVSS: 10.0EPSS: 86%CPEs: 3EXPL: 0CVE-2006-5583
https://notcve.org/view.php?id=CVE-2006-5583
Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerability." Desbordamiento de búfer en el SNMP Service de Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1 y, posiblemente, otras versiones, permite a atacantes remotos ejecutar código de su elección a través de paquetes SNMP modificados, también conocido como "Vulnerabilidad de corrupción de memoria SNMP". • http://secunia.com/advisories/23307 http://securitytracker.com/id?1017371 http://www.kb.cert.org/vuls/id/901584 http://www.securityfocus.com/archive/1/454969/100/200/threaded http://www.securityfocus.com/bid/21537 http://www.us-cert.gov/cas/techalerts/TA06-346A.html http://www.vupen.com/english/advisories/2006/4967 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3A •
CVSS: 9.3EPSS: 94%CPEs: 45EXPL: 3CVE-2006-0005 – Microsoft Windows Media Player - Plugin Overflow (MS06-006)
https://notcve.org/view.php?id=CVE-2006-0005
Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute. • https://www.exploit-db.com/exploits/1520 https://www.exploit-db.com/exploits/1505 https://www.exploit-db.com/exploits/1504 http://secunia.com/advisories/18852 http://securitytracker.com/id?1015628 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=393 http://www.kb.cert.org/vuls/id/692060 http://www.securityfocus.com/bid/16644 http://www.us-cert.gov/cas/techalerts/TA06-045A.html http://www.vupen.com/english/advisories/2006/0575 https://docs.micr • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 95%CPEs: 43EXPL: 6CVE-2004-0200 – Microsoft Windows - JPEG Processing Buffer Overrun (MS04-028)
https://notcve.org/view.php?id=CVE-2004-0200
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Desbordamiento de búfer en el motor de proceso de JPEG (JPG) en GDIPlus.dll, usado en varios productos de Microsoft, permite a atacantes remotos ejecutar código de su elección mediante un campo de longitud JPEG COM pequeño que es normalizado a una longitud de entero grande antes de una operación de copia de memoria. • https://www.exploit-db.com/exploits/474 https://www.exploit-db.com/exploits/556 https://www.exploit-db.com/exploits/475 https://www.exploit-db.com/exploits/478 https://www.exploit-db.com/exploits/472 https://www.exploit-db.com/exploits/480 http://marc.info/?l=bugtraq&m=109524346729948&w=2 http://www.kb.cert.org/vuls/id/297462 http://www.us-cert.gov/cas/techalerts/TA04-260A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms •