CVSS: 9.8EPSS: 44%CPEs: 49EXPL: 0CVE-2005-1212
https://notcve.org/view.php?id=CVE-2005-1212
14 Jun 2005 — Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. El desbordamiento de búfer en Microsoft Step-by-Step Interactive Training (orun32.exe) permite a los atacantes remotos ejecutar código arbitrario a través de un archivo de enlace de marcadores (extensión.cbo, cbl o.cbm) con un campo de usuario largo. • http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true •
CVSS: 8.1EPSS: 32%CPEs: 49EXPL: 0CVE-2005-1214
https://notcve.org/view.php?id=CVE-2005-1214
14 Jun 2005 — Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. Microsoft Agent permite a los atacantes remotos falsificar contenido de Internet de confianza y ejecutar código arbitrario disfrazando las indicaciones de seguridad en una página web maliciosa. • http://secunia.com/advisories/15689 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 3CVE-2003-0496 – Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0496
10 Jul 2003 — Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file. Microsoft Windows 2000 pre-SP4 no maneja adecuadamente tuberias con nombre (named pipes) a través de la API CreateFile, de forma que usuarios locales pueden ganar privilegios llamando al procedimiento almacenado extendidoxp_fileexist de SQL Server con un nombre de tubería como argumento en ve... • https://www.exploit-db.com/exploits/22882 •
CVSS: 7.8EPSS: 3%CPEs: 45EXPL: 0CVE-2003-0112
https://notcve.org/view.php?id=CVE-2003-0112
26 Apr 2003 — Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. Desbordamiento de búfer en el Kernel de Windows permite a usuarios locales ganar privilegios haciendo que ciertos mensajes de error sean pasados a un depurador. • http://www.kb.cert.org/vuls/id/446338 •
CVSS: 9.8EPSS: 26%CPEs: 11EXPL: 1CVE-2003-0111 – Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier
https://notcve.org/view.php?id=CVE-2003-0111
15 Apr 2003 — The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise." El componente Verificador de ByteCode de la Máquina Virtual (VW) de Microsoft compilación 5.0.3809 y anteriores, usada en en Windows y en Internet Explorer, permite a atacantes remotos eludir comprobaciones de s... • https://www.exploit-db.com/exploits/22027 •
CVSS: 7.5EPSS: 58%CPEs: 45EXPL: 5CVE-2002-1561 – Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service
https://notcve.org/view.php?id=CVE-2002-1561
26 Mar 2003 — The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. La pila DCE-RPC en Windows 2000 y otros sistemas operativos permite a atacantes remotos causar una denegación de servicio (desactivar el servico RCP) mediante un paquete malformado al puerto TCP 135, que dispara una desreferencia a un puntero nulo. • https://www.exploit-db.com/exploits/21951 •
CVSS: 8.8EPSS: 18%CPEs: 46EXPL: 0CVE-2003-0010
https://notcve.org/view.php?id=CVE-2003-0010
21 Mar 2003 — Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. Desbordamiento de enteros en JsArrayFunctionHeapSort usado en el Motor de script Windows de JScript (JScript.dll) en varios sistemas operativos Windows permite a atacantes remotos ejecutar có... • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0139.html •
CVSS: 8.4EPSS: 89%CPEs: 8EXPL: 10CVE-2003-0109 – Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow
https://notcve.org/view.php?id=CVE-2003-0109
18 Mar 2003 — Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. • https://www.exploit-db.com/exploits/1 •
CVSS: 7.8EPSS: 21%CPEs: 45EXPL: 2CVE-2003-0003 – Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow
https://notcve.org/view.php?id=CVE-2003-0003
07 Feb 2003 — Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information. Desbordamiento de búfer en el servicio Localizador de Windows NT 4.0, Windows NT 4.0 Terminal server Edition, Windows 2000, y Windows XP permite a usuarios locales ejecutar código arbitrario mediante una llamada RPC al servicio conteniendo cierta infor... • https://www.exploit-db.com/exploits/5 •
CVSS: 5.3EPSS: 1%CPEs: 37EXPL: 5CVE-2003-0001 – Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
https://notcve.org/view.php?id=CVE-2003-0001
08 Jan 2003 — Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. Múltiples controladores de dispositivo (device drivers) de Tarjetas de Interfaz de Red (Network Interface Card - NIC) Ethernet no rellenan las tramas con bytes nulos, lo que permite a atacantes remotos obtener información de paquetes anteriores o memoria del kernel ... • https://packetstorm.news/files/id/121969 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •