Page 80 of 431 results (0.014 seconds)

CVSS: 10.0EPSS: 97%CPEs: 37EXPL: 2

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." El servicio WINS (wins.exe) de Microsoft Windows NT Server 4.0, Windows 2000 Server y Windows Server 2003 permite a atacantes remotos escribir localizaciones de memoria arbitrarias y posiblemente ejecutar código arbitrario mediante un puntero de memoria modificado en un paquete de replicación WINS al puerto TCP 42. • https://www.exploit-db.com/exploits/909 https://www.exploit-db.com/exploits/16359 http://marc.info/?l=bugtraq&m=110150370506704&w=2 http://secunia.com/advisories/13328 http://securitytracker.com/id?1012516 http://support.microsoft.com/kb/890710 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.immunitysec.com/downloads/instantanea.pdf http://www.kb.cert.org/vuls/id/145134 http://www.osvdb.org/12378 http://www.securityfocus.com/bid/11763 http:// •

CVSS: 10.0EPSS: 89%CPEs: 4EXPL: 0

The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. El componente SMTP (Simple Mail Transfer Protocol) de Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, y el componente Exchange Routing Engine de Exchange Server 2003 permite a atacantes remotos ejecutar código arbitrario mediante una respuesta DNS maliciosa conteniendo valores de longitud que no son validados adecuadamente. • http://www.kb.cert.org/vuls/id/394792 http://www.securityfocus.com/bid/11374 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035 https://exchange.xforce.ibmcloud.com/vulnerabilities/17621 https://exchange.xforce.ibmcloud.com/vulnerabilities/17660 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460 https://oval.cisecurity.org/repository/search/ • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 14%CPEs: 5EXPL: 2

Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow. Los servicios Network Dynamic Data Exchange (NetDDE) de Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 permiten a atacantes ejecutar código de su elección remotamente o ganar privilegios localmente mediante un mensaje o aplicación maliciosos que envuelve un "búfer sin comprobar", posiblemente un desbordamiento de búfer. • https://www.exploit-db.com/exploits/16371 https://www.exploit-db.com/exploits/734 http://marc.info/?l=bugtraq&m=109786703930674&w=2 http://secunia.com/advisories/12803 http://www.kb.cert.org/vuls/id/640488 http://www.securityfocus.com/bid/11372 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-031 https://exchange.xforce.ibmcloud.com/vulnerabilities/16556 https://exchange.xforce.ibmcloud.com/vulnerabilities/17657 https://oval.cisecurity.org/repository&#x •

CVSS: 10.0EPSS: 67%CPEs: 3EXPL: 1

Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." Vulnerabilidad desconocida en los procesos del Motor de Generación de Gráficos de Microsoft Windows 2000, Windows XP, y Windows Server 2003 permite a atacantes remotos ejecutar código de su elección mediante formatos de imagen (1) Metafichero de Windows (WMF) o (2) Metafichero Mejorado (EMF) que tiene que ver con "un búfer no comprobado" • https://www.exploit-db.com/exploits/584 http://marc.info/?l=bugtraq&m=109829067325779&w=2 http://www.kb.cert.org/vuls/id/806278 http://www.securityfocus.com/bid/11375 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-032 https://exchange.xforce.ibmcloud.com/vulnerabilities/16581 https://exchange.xforce.ibmcloud.com/vulnerabilities/17658 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1872 https://oval.cisecurity.org/repos •

CVSS: 10.0EPSS: 81%CPEs: 4EXPL: 2

Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation. Desbordamiento de enteros en DUNZIP32.DLL de Microsoft Windows XP, Windows XP edición de 64 bits, Windows Server 2003, y Windows Server 2003 edición de 64 bits permite a atacantes remotos ejecutar código de su elección mediante carpetas comprimidas ("zipeadas") que envuelven un "búfer no comprobado" y una validación de longitud inapropiada. • https://www.exploit-db.com/exploits/677 https://www.exploit-db.com/exploits/640 http://marc.info/?l=ntbugtraq&m=109767342326300&w=2 http://securitytracker.com/id?1011637 http://www.ciac.org/ciac/bulletins/p-010.shtml http://www.eeye.com/html/research/advisories/AD20041012A.html http://www.kb.cert.org/vuls/id/649374 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-034 https://exchange.xforce.ibmcloud.com/vulnerabilities/17624 https://exchange •