CVSS: 9.3EPSS: 79%CPEs: 86EXPL: 0CVE-2006-0010
https://notcve.org/view.php?id=CVE-2006-0010
Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Desbordamiento de búfer basado en memoria dinámica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versión SP1, Windows 98 y Windows ME permite a atacantes remotos ejecutar código arbitrario a través de un mensajes de correo electrónico o una página web con una fuente web Embedded Open Type (EOT) manipulada que desencadena el desbordamiento durante la descompresión. • http://seclists.org/fulldisclosure/2006/Jan/363 http://secunia.com/advisories/18311 http://secunia.com/advisories/18365 http://secunia.com/advisories/18391 http://securitytracker.com/id?1015459 http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html http://www.kb.cert.org/vuls/id/915930 http://www.osvdb.org/18829 http://www.securityfocus.com/archive/1/421885/100/0/threaded http://www.securityfocus.com& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0016
https://notcve.org/view.php?id=CVE-2001-0016
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. • http://razor.bindview.com/publish/advisories/adv_NTLMSSP.html http://www.securityfocus.com/bid/2348 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-008 https://exchange.xforce.ibmcloud.com/vulnerabilities/6076 •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-2001-0017
https://notcve.org/view.php?id=CVE-2001-0017
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. • http://www.securityfocus.com/bid/2368 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/6103 •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-1999-0590
https://notcve.org/view.php?id=CVE-1999-0590
A system does not present an appropriate legal message or warning to a user who is accessing it. • http://ciac.llnl.gov/ciac/bulletins/j-043.shtml •
CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 0CVE-1999-0585
https://notcve.org/view.php?id=CVE-1999-0585
A Windows NT administrator account has the default name of Administrator. • https://www.cve.org/CVERecord?id=CVE-1999-0585 •