Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-0564

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Feb, 2006 | 23:00
Updated At-07 Aug, 2024 | 16:41
Rejected At-
Credits

Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Feb, 2006 | 23:00
Updated At:07 Aug, 2024 | 16:41
Rejected At:
▼CVE Numbering Authority (CNA)

Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://secunia.com/advisories/18740
third-party-advisory
x_refsource_SECUNIA
http://www.osvdb.org/22941
vdb-entry
x_refsource_OSVDB
http://securitytracker.com/id?1015585
vdb-entry
x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/24481
vdb-entry
x_refsource_XF
http://users.pandora.be/bratax/advisories/b008.html
x_refsource_MISC
http://www.kb.cert.org/vuls/id/124460
third-party-advisory
x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2006/0446
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/18740
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.osvdb.org/22941
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://securitytracker.com/id?1015585
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24481
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://users.pandora.be/bratax/advisories/b008.html
Resource:
x_refsource_MISC
Hyperlink: http://www.kb.cert.org/vuls/id/124460
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.vupen.com/english/advisories/2006/0446
Resource:
vdb-entry
x_refsource_VUPEN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://secunia.com/advisories/18740
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.osvdb.org/22941
vdb-entry
x_refsource_OSVDB
x_transferred
http://securitytracker.com/id?1015585
vdb-entry
x_refsource_SECTRACK
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/24481
vdb-entry
x_refsource_XF
x_transferred
http://users.pandora.be/bratax/advisories/b008.html
x_refsource_MISC
x_transferred
http://www.kb.cert.org/vuls/id/124460
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.vupen.com/english/advisories/2006/0446
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/18740
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.osvdb.org/22941
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://securitytracker.com/id?1015585
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24481
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://users.pandora.be/bratax/advisories/b008.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/124460
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/0446
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:06 Feb, 2006 | 23:02
Updated At:03 Apr, 2025 | 01:03

Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

Microsoft Corporation
microsoft
>>html_help>>1.4
cpe:2.3:a:microsoft:html_help:1.4:*:sdk:*:*:*:*:*
Microsoft Corporation
microsoft
>>html_help_workshop>>4.74.8702.0
cpe:2.3:a:microsoft:html_help_workshop:4.74.8702.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://secunia.com/advisories/18740cve@mitre.org
Vendor Advisory
http://securitytracker.com/id?1015585cve@mitre.org
N/A
http://users.pandora.be/bratax/advisories/b008.htmlcve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/124460cve@mitre.org
US Government Resource
http://www.osvdb.org/22941cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/0446cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/24481cve@mitre.org
N/A
http://secunia.com/advisories/18740af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securitytracker.com/id?1015585af854a3a-2127-422b-91ae-364da2661108
N/A
http://users.pandora.be/bratax/advisories/b008.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/124460af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.osvdb.org/22941af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/0446af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/24481af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://secunia.com/advisories/18740
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1015585
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://users.pandora.be/bratax/advisories/b008.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/124460
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.osvdb.org/22941
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0446
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24481
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/18740
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1015585
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://users.pandora.be/bratax/advisories/b008.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/124460
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.osvdb.org/22941
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/0446
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/24481
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

758Records found

CVE-2006-1314
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-76.53% / 98.90%
||
7 Day CHG~0.00%
Published-11 Jul, 2006 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2000windows_2003_servern/a
CVE-2006-1245
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-69.67% / 98.60%
||
7 Day CHG~0.00%
Published-17 Mar, 2006 | 01:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-ien/a
CVE-2006-1188
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-63.99% / 98.35%
||
7 Day CHG~0.00%
Published-11 Apr, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.

Action-Not Available
Vendor-n/aCanon Inc.Microsoft Corporation
Product-network_camera_server_vb101internet_explorerien/a
CVE-2006-0143
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-75.57% / 98.85%
||
7 Day CHG~0.00%
Published-09 Jan, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_98sewindows_xpwindows_2000windows_98windows_mewindows_2003_servern/a
CVE-2006-0027
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-86.63% / 99.38%
||
7 Day CHG~0.00%
Published-09 May, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exchange_servern/a
CVE-2006-0544
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-42.40% / 97.36%
||
7 Day CHG~0.00%
Published-04 Feb, 2006 | 02:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-ien/a
CVE-2006-0034
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-51.97% / 97.82%
||
7 Day CHG~0.00%
Published-09 May, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_ntdistributed_transaction_coordinatorwindows_xpwindows_2000windows_2003_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-0830
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-32.86% / 96.73%
||
7 Day CHG~0.00%
Published-21 Feb, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CVE-2006-0376
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-28.85% / 96.38%
||
7 Day CHG~0.00%
Published-22 Jan, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2000windows_2003_servern/a
CVE-2006-0057
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-45.82% / 97.54%
||
7 Day CHG~0.00%
Published-27 Jan, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting. NOTE: CERT/CC claims that MS05-054 fixes this issue, but it is not described in MS05-054.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorerien/a
CVE-2005-4560
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-90.52% / 99.59%
||
7 Day CHG~0.00%
Published-28 Dec, 2005 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2003_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2001-0902
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-17.98% / 94.90%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_information_servicesn/a
CVE-2005-4827
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-18.76% / 95.04%
||
7 Day CHG~0.00%
Published-07 Feb, 2007 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks.

Action-Not Available
Vendor-n/aCanon Inc.Microsoft Corporation
Product-network_camera_server_vb101internet_explorerien/a
CVE-2001-0718
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-16.30% / 94.58%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsoft PowerPoint 2002 and earlier allows attackers to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-powerpointexceln/a
CVE-2002-0079
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-77.56% / 98.95%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_information_serverinternet_information_servicesn/a
CVE-2001-0860
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-9.10% / 92.33%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2000n/a
CVE-2001-0504
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-15.52% / 94.41%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2000n/a
CVE-2001-0162
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.31% / 91.30%
||
7 Day CHG~0.00%
Published-14 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_embedded_compactn/a
CVE-2001-0341
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-25.17% / 95.97%
||
7 Day CHG~0.00%
Published-18 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-frontpage_server_extensionswindows_ntwindows_2000n/a
CVE-2005-3483
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-19.54% / 95.19%
||
7 Day CHG~0.00%
Published-03 Nov, 2005 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size.

Action-Not Available
Vendor-graphonn/aMicrosoft Corporation
Product-go-globalwindowsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2000-1104
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.31% / 90.58%
||
7 Day CHG~0.00%
Published-19 Dec, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_information_serverinternet_information_servicesn/a
CVE-2001-0242
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.67% / 93.72%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_media_playern/a
CVE-2000-1139
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.32% / 89.66%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exchange_servern/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-26630
Matching Score-8
Assigner-KrCERT/CC
ShareView Details
Matching Score-8
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.37% / 57.95%
||
7 Day CHG~0.00%
Published-19 May, 2022 | 14:52
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HANDY Groupware file download and execute vulnerability

Improper input validation vulnerability in HANDY Groupware’s ActiveX moudle allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function.

Action-Not Available
Vendor-handysoftHandysoft Co.,LtdMicrosoft Corporation
Product-windowsgroupwareHANDY Groupware
CWE ID-CWE-20
Improper Input Validation
CVE-2005-3168
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.62% / 69.09%
||
7 Day CHG~0.00%
Published-06 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the template.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2000n/a
CVE-2000-0970
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-20.31% / 95.30%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_information_serverinternet_information_servicesn/a
CVE-2005-2831
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-65.28% / 98.41%
||
7 Day CHG~0.00%
Published-14 Dec, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorerien/a
CVE-2001-0153
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.53% / 84.84%
||
7 Day CHG+0.49%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-visual_basicvisual_studion/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-0154
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-16.80% / 94.68%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CVE-2000-0982
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-10.21% / 92.83%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CVE-2001-0664
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-27.30% / 96.22%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CVE-2005-1984
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-31.43% / 96.62%
||
7 Day CHG~0.00%
Published-10 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2000windows_2003_servern/a
CVE-2005-1989
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-62.78% / 98.31%
||
7 Day CHG~0.00%
Published-10 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability".

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorerien/a
CVE-2005-2123
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-63.24% / 98.33%
||
7 Day CHG~0.00%
Published-29 Nov, 2005 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2000windows_2003_servern/a
CVE-2000-0885
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-24.68% / 95.92%
||
7 Day CHG~0.00%
Published-29 Nov, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-systems_management_serverwindows_ntwindows_2000n/a
CVE-2017-12939
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.41% / 84.49%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.

Action-Not Available
Vendor-unity3dn/aMicrosoft Corporation
Product-unity_editorwindowsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2000-0621
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.84% / 90.19%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allow remote attackers to read files on the client's system via a malformed HTML message that stores files outside of the cache, aka the "Cache Bypass" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-outlookoutlook_expressn/a
CVE-2000-0053
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-14.20% / 94.12%
||
7 Day CHG~0.00%
Published-18 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-commercial_internet_systemn/a
CVE-2000-0085
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.04% / 93.52%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-hotmailn/a
CVE-2000-0161
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.39% / 91.95%
||
7 Day CHG~0.00%
Published-22 Mar, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-site_servern/a
CVE-1999-1484
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.05% / 91.76%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-msn_setup_bulletin_board_servicesn/a
CVE-2005-2308
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-45.84% / 97.54%
||
7 Day CHG~0.00%
Published-19 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-ien/a
CVE-2000-0202
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.62% / 93.70%
||
7 Day CHG~0.00%
Published-10 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-sql_serverdata_enginen/a
CVE-2000-0457
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-35.04% / 96.90%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_information_serverinternet_information_servicesn/a
CVE-2005-1985
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-58.18% / 98.10%
||
7 Day CHG~0.00%
Published-13 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2000windows_2003_servern/a
CVE-2020-35769
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.94%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 05:35
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program.

Action-Not Available
Vendor-n/aMicrosoft CorporationWebmin
Product-webminwindowsn/a
CVE-2017-0249
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-5.79% / 90.15%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

Action-Not Available
Vendor-Microsoft Corporation
Product-microsoft.aspnetcore.mvc.apiexplorermicrosoft.aspnetcore.mvc.dataannotationsmicrosoft.aspnetcore.mvc.formatters.jsonsystem.net.securitymicrosoft.aspnetcore.mvc.razormicrosoft.aspnetcore.mvc.formatters.xmlmicrosoft.aspnetcore.mvc.corsmicrosoft.aspnetcore.mvc.localizationmicrosoft.aspnetcore.mvc.viewfeaturesmicrosoft.aspnetcore.mvc.webapicompatshimmicrosoft.aspnetcore.mvc.abstractionssystem.net.http.winhttphandlersystem.net.httpasp.net_model_view_controllersystem.text.encodings.websystem.net.websockets.clientmicrosoft.aspnetcore.mvc.razor.hostmicrosoft.aspnetcore.mvc.taghelpersASP.NET Core
CWE ID-CWE-20
Improper Input Validation
CVE-2005-2127
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-42.71% / 97.38%
||
7 Day CHG~0.00%
Published-19 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."

Action-Not Available
Vendor-atin/aMicrosoft Corporation
Product-projectcatalyst_driverofficevisio.net_frameworkvisual_studio_.netn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-1457
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.1||HIGH
EPSS-0.46% / 63.22%
||
7 Day CHG~0.00%
Published-27 Jun, 2018 | 18:00
Updated-05 Feb, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-engineering_requirements_management_doorswindowslinux_kernelRational DOORS
CVE-2005-1935
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-27.21% / 96.21%
||
7 Day CHG~0.00%
Published-09 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_ntwindows_2000windows_2003_servern/a
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 15
  • 16
  • Next
Details not found