CVE-2007-1212 – Microsoft Windows - GDI Privilege Escalation (MS07-017)
https://notcve.org/view.php?id=CVE-2007-1212
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file. Desbordamiento de búfer en el Graphics Device Interface (GDI) en Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, y SP2; y Vista permite a usuarios locales ganar privilegios a través de archivos de imágenes con formato Enhanced Metafile(EMF). • https://www.exploit-db.com/exploits/3688 https://www.exploit-db.com/exploits/3755 https://www.exploit-db.com/exploits/3804 http://www.securityfocus.com/archive/1/466186/100/200/threaded http://www.securityfocus.com/bid/23278 http://www.securitytracker.com/id?1017844 http://www.vupen.com/english/advisories/2007/1215 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •
CVE-2007-1211 – Microsoft Windows - GDI Privilege Escalation (MS07-017)
https://notcve.org/view.php?id=CVE-2007-1211
Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560. Funciones GDI no especificadas del kernel en Microsoft Windows 2000 SP4; XP SP2; y Server 2003 Gold, SP1 y SP2, permiten a los atacantes remotos asistidos por el usuario causar una denegación de servicio (reinicio posiblemente persistente) por medio de una imagen de Windows Metafile (WMF) creada que causa una desreferencia no válida de un desplazamiento (offset) en una estructura del kernel, un problema relacionado al CVE-2005-4560. • https://www.exploit-db.com/exploits/3688 https://www.exploit-db.com/exploits/3755 https://www.exploit-db.com/exploits/3804 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=499 http://www.securityfocus.com/archive/1/466186/100/200/threaded http://www.securityfocus.com/bid/23275 http://www.securitytracker.com/id?1017843 http://www.vupen.com/english/advisories/2007/1215 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017 https:/ • CWE-399: Resource Management Errors •
CVE-2007-1215 – Microsoft Windows - GDI Privilege Escalation (MS07-017)
https://notcve.org/view.php?id=CVE-2007-1215
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images. Desbordamiento de búfer en el Graphics Device Interface (GDI) del Microsoft Windows 2000 SP4, XP SP2, Server 2003 Gold, SP1, y SP2 y en el Vista permite a usuarios locales obtener privilegios mediante ciertos "parámetros de colores relacionados" en imágenes manipuladas. • https://www.exploit-db.com/exploits/3688 https://www.exploit-db.com/exploits/3755 https://www.exploit-db.com/exploits/3804 http://www.securityfocus.com/archive/1/466186/100/200/threaded http://www.securityfocus.com/bid/23273 http://www.securitytracker.com/id?1017847 http://www.vupen.com/english/advisories/2007/1215 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •
CVE-2007-0038 – Microsoft Windows Explorer - '.ANI' File Denial of Service
https://notcve.org/view.php?id=CVE-2007-0038
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred. Un desbordamiento de búfer en la región stack de la memoria en el código de cursor animado en Microsoft Windows 2000 SP4 hasta Vista, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (reinicio persistente) por medio de un valor de gran longitud en el segundo bloque anih (o posterior) de un archivo RIFF .ANI, cur o .ico, lo que resulta en una corrupción de memoria cuando se procesan cursores, cursores animados e iconos, una variante de CVE-2005-0416, como es demostrado originalmente usando Internet Explorer versiones 6 y 7. NOTA: esto podría ser un duplicado de CVE-2007-1765; si es así, entonces CVE-2007-0038 debe ser preferido. • https://www.exploit-db.com/exploits/3684 https://www.exploit-db.com/exploits/3647 https://www.exploit-db.com/exploits/3695 https://www.exploit-db.com/exploits/3652 https://www.exploit-db.com/exploits/3617 https://www.exploit-db.com/exploits/3688 https://www.exploit-db.com/exploits/3755 https://www.exploit-db.com/exploits/3804 https://www.exploit-db.com/exploits/3636 https://www.exploit-db.com/exploits/3651 https://www.exploit-db.com/exploits/4045 https: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-7030
https://notcve.org/view.php?id=CVE-2006-7030
Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll. Microsoft Internet Explorer 6 SP2 y anteriores permite a atacantes remotos provocar denegación de servicio (caida) a través de ciertos HTML malformados, posiblemente afectando a etiquetas base y applet sin argumentos requeridos, lo cual dispara un puntero nulo no referenciado en mshtml.dll. • http://securityreason.com/securityalert/2286 http://www.securityfocus.com/archive/1/435095/30/4710/threaded http://www.securityfocus.com/archive/1/435129/30/4710/threaded http://www.securityfocus.com/bid/18112 https://exchange.xforce.ibmcloud.com/vulnerabilities/26808 •