Filtered by vendor Microsoft
Subscriptions
Total
20460 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1790 | 1 Microsoft | 1 Internet Explorer | 2024-11-20 | N/A |
| Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability." | ||||
| CVE-2005-1683 | 1 Microsoft | 1 Word | 2024-11-20 | N/A |
| Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file. | ||||
| CVE-2005-1665 | 1 Microsoft | 1 Asp.net | 2024-11-20 | N/A |
| The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | ||||
| CVE-2005-1664 | 1 Microsoft | 1 Asp.net | 2024-11-20 | N/A |
| The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties. | ||||
| CVE-2005-1649 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2024-11-20 | N/A |
| The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016). | ||||
| CVE-2005-1574 | 1 Microsoft | 1 Windows Media Player | 2024-11-20 | N/A |
| Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled. | ||||
| CVE-2005-1219 | 1 Microsoft | 1 Image Color Management | 2024-11-20 | N/A |
| Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags. | ||||
| CVE-2005-1218 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2024-11-20 | N/A |
| The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
| CVE-2005-1216 | 1 Microsoft | 1 Isa Server | 2024-11-20 | N/A |
| Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS (all) predefined packet filter. | ||||
| CVE-2005-1215 | 1 Microsoft | 1 Isa Server | 2024-11-20 | N/A |
| Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet containing multiple Content-Length headers. | ||||
| CVE-2005-1214 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 2003 Server and 4 more | 2024-11-20 | N/A |
| Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. | ||||
| CVE-2005-1213 | 1 Microsoft | 1 Outlook Express | 2024-11-20 | N/A |
| Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field. | ||||
| CVE-2005-1212 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 2003 Server and 4 more | 2024-11-20 | N/A |
| Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. | ||||
| CVE-2005-1211 | 1 Microsoft | 1 Internet Explorer | 2024-11-20 | N/A |
| Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file. | ||||
| CVE-2005-1208 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows 98 and 1 more | 2024-11-20 | N/A |
| Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. | ||||
| CVE-2005-1207 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2024-11-20 | N/A |
| Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters. | ||||
| CVE-2005-1206 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2024-11-20 | N/A |
| Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability." | ||||
| CVE-2005-1205 | 1 Microsoft | 1 Windows 2003 Server | 2024-11-20 | N/A |
| The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | ||||
| CVE-2005-1191 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2024-11-20 | N/A |
| The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file. | ||||
| CVE-2005-1184 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98se and 2 more | 2024-11-20 | N/A |
| The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated. | ||||