Page 81 of 637 results (0.011 seconds)

CVSS: 7.2EPSS: 0%CPEs: 21EXPL: 1

CVE-2005-0047 – Microsoft Windows - COM Structured Storage Local (MS05-012)

https://notcve.org/view.php?id=CVE-2005-0047

Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability." • https://www.exploit-db.com/exploits/1019 http://marc.info/?l=bugtraq&m=111755870828817&w=2 http://www.argeniss.com/research/SSExploit.c http://www.kb.cert.org/vuls/id/597889 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 https://exchange.xforce.ibmcloud.com/vulnerabilities/19105 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159 https://oval.cisecurity& •

CVSS: 7.5EPSS: 49%CPEs: 25EXPL: 0

CVE-2005-0044

https://notcve.org/view.php?id=CVE-2005-0044

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." • http://www.kb.cert.org/vuls/id/927889 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 https://exchange.xforce.ibmcloud.com/vulnerabilities/19109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1180 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2917 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A35 •

CVSS: 7.5EPSS: 79%CPEs: 24EXPL: 0

CVE-2005-0057

https://notcve.org/view.php?id=CVE-2005-0057

The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow. La biblioteca de objetos Hyperlink para Windows 98, 2000, XP y Server 2003 permite a los atacantes remotos ejecutar código arbitrario a través de un enlace diseñado que activa un "buffer no controlado" en la biblioteca, posiblemente debido a un desbordamiento del buffer. • http://secunia.com/advisories/14195 http://securitytracker.com/id?1013119 http://www.kb.cert.org/vuls/id/820427 http://www.securityfocus.com/bid/12479 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/19110 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570 https://oval.cisecurity.org/repository/search/definition •

CVSS: 5.1EPSS: 96%CPEs: 9EXPL: 1

CVE-2004-1049

https://notcve.org/view.php?id=CVE-2004-1049

Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." • http://marc.info/?l=bugtraq&m=110382891718076&w=2 http://secunia.com/advisories/13645 http://securitytracker.com/id?1012684 http://www.ciac.org/ciac/bulletins/p-094.shtml http://www.kb.cert.org/vuls/id/625856 http://www.osvdb.org/12623 http://www.securityfocus.com/bid/12095 http://www.us-cert.gov/cas/techalerts/TA05-012A.html http://www.xfocus.net/flashsky/icoExp/index.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 https •

CVSS: 7.5EPSS: 90%CPEs: 6EXPL: 1

CVE-2004-0567 – Microsoft Windows Server 2000 - WINS Remote Code Execution

https://notcve.org/view.php?id=CVE-2004-0567

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." • https://www.exploit-db.com/exploits/733 http://secunia.com/advisories/13466 http://securitytracker.com/id?1012517 http://www.ciac.org/ciac/bulletins/p-054.shtml http://www.kb.cert.org/vuls/id/378160 http://www.osvdb.org/12370 http://www.securityfocus.com/bid/11922 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045 https://exchange.xforce.ibmcloud.com/vulnerabilities/18259 •