| Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2003-1048 | 10.0 |
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
|
02-02-2024 - 15:23 | 27-07-2004 - 04:00 | |
| CVE-2007-3826 | 9.3 |
Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via repeated document.open function calls after a user requests a new page, bu
|
23-07-2021 - 15:04 | 17-07-2007 - 21:30 | |
| CVE-2004-0420 | 10.0 |
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demo
|
23-07-2021 - 15:02 | 07-07-2004 - 04:00 | |
| CVE-2002-0026 | 7.5 |
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made.
|
23-07-2021 - 12:55 | 08-03-2002 - 05:00 | |
| CVE-2005-0056 | 5.1 |
Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cro
|
23-07-2021 - 12:18 | 02-05-2005 - 04:00 | |
| CVE-2004-0840 | 10.0 |
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute
|
09-04-2020 - 13:51 | 03-11-2004 - 05:00 | |
| CVE-2003-0028 | 7.5 |
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via
|
21-01-2020 - 15:45 | 25-03-2003 - 05:00 | |
| CVE-2005-0047 | 7.2 |
Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
|
30-04-2019 - 14:27 | 02-05-2005 - 04:00 | |
| CVE-2003-0662 | 9.3 |
Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.
|
30-04-2019 - 14:27 | 17-11-2003 - 05:00 | |
| CVE-2003-0352 | 7.5 |
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
|
30-04-2019 - 14:27 | 18-08-2003 - 04:00 | |
| CVE-2006-2372 | 10.0 |
Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP response.
|
18-10-2018 - 16:39 | 11-07-2006 - 21:05 | |
| CVE-2006-2388 | 9.3 |
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.
|
18-10-2018 - 16:39 | 13-07-2006 - 21:05 | |
| CVE-2006-5994 | 9.3 |
Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string
|
17-10-2018 - 21:46 | 06-12-2006 - 20:28 | |
| CVE-2007-2228 | 7.8 |
rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of serv
|
16-10-2018 - 16:42 | 09-10-2007 - 22:17 | |
| CVE-2004-1244 | 7.5 |
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."
|
12-10-2018 - 21:35 | 08-02-2004 - 05:00 | |
| CVE-2004-0848 | 7.5 |
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.
|
12-10-2018 - 21:35 | 08-02-2005 - 05:00 | |
| CVE-2004-0597 | 10.0 |
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transpar
|
12-10-2018 - 21:34 | 23-11-2004 - 05:00 | |
| CVE-2004-0206 | 7.5 |
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or appl
|
12-10-2018 - 21:34 | 03-11-2004 - 05:00 | |
| CVE-2003-0230 | 7.2 |
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
| CVE-2000-1081 | 4.6 |
The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which
|
12-10-2018 - 21:29 | 09-01-2001 - 05:00 |