CVSS: 7.2EPSS: 0%CPEs: 45EXPL: 0CVE-2011-1229
https://notcve.org/view.php?id=CVE-2011-1229
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." Vulneravilidad de desreferencia a puntero nulo en win32k.sys en el controlador kernel-modeen en Microsoft Windows XP SP2 ySP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 Gold, SP2, R2, y R2 SP1, y Windows 7 Gold y SP1, permite a usuarios locales obtener privilegios a través de aplicaciones manipuladas lanzan un desreferencia a puntero nulo. Vulnerabilidad distinta de "Vulnerabilidad tipo 2" listada en los CVEs en MS11-034, también conocida como "Win32k Null Pointer De-reference Vulnerability." • http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx http://osvdb.org/71735 http://secunia.com/advisories/44156 http://support.avaya.com/css/P8/documents/100133352 http://www.securityfocus.com/bid/47229 http://www.securitytracker.com/id?1025345 http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://www.vupen.com/english/advisories/2011/0952 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011 • CWE-476: NULL Pointer Dereference •
CVSS: 5.0EPSS: 89%CPEs: 46EXPL: 1CVE-2004-0839
https://notcve.org/view.php?id=CVE-2004-0839
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". • http://marc.info/?l=bugtraq&m=109303291513335&w=2 http://marc.info/?l=bugtraq&m=109336221826652&w=2 http://seclists.org/lists/fulldisclosure/2004/Aug/0868.html http://www.kb.cert.org/vuls/id/526089 http://www.securityfocus.com/bid/10973 http://www.us-cert.gov/cas/techalerts/TA04-293A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 https://exchange.xforce.ibmcloud.com/vulnerabilities/17044 https://oval.cisecurity.org/repository/search&# •