Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-0053 | 7.5 |
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
|
23-07-2021 - 12:55 | 02-05-2005 - 04:00 | |
CVE-2004-0566 | 7.5 |
Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.
|
23-07-2021 - 12:19 | 27-07-2004 - 04:00 | |
CVE-2005-0054 | 5.1 |
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to gene
|
23-07-2021 - 12:18 | 02-05-2005 - 04:00 | |
CVE-2002-0055 | 5.0 |
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
|
09-04-2020 - 13:46 | 08-03-2002 - 05:00 | |
CVE-2003-0824 | 5.0 |
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain
|
30-04-2019 - 14:27 | 15-12-2003 - 05:00 | |
CVE-1999-0691 | 7.2 |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
|
30-10-2018 - 16:26 | 13-09-1999 - 04:00 | |
CVE-2004-0200 | 9.3 |
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to
|
30-10-2018 - 16:25 | 28-09-2004 - 04:00 | |
CVE-2007-0671 | 9.3 |
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in tar
|
12-10-2018 - 21:42 | 03-02-2007 - 01:28 | |
CVE-2005-0051 | 7.5 |
The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe
|
12-10-2018 - 21:35 | 02-05-2005 - 04:00 | |
CVE-2004-1049 | 5.1 |
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and I
|
12-10-2018 - 21:35 | 31-12-2004 - 05:00 | |
CVE-2004-0572 | 10.0 |
Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grp
|
12-10-2018 - 21:34 | 03-11-2004 - 05:00 | |
CVE-2003-0306 | 7.2 |
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.
|
12-10-2018 - 21:32 | 09-06-2003 - 04:00 | |
CVE-2003-0232 | 7.2 |
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2003-0615 | 4.3 |
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
|
03-05-2018 - 01:29 | 27-08-2003 - 04:00 | |
CVE-2003-0462 | 1.2 |
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
|
11-10-2017 - 01:29 | 27-08-2003 - 04:00 | |
CVE-2003-0461 | 2.1 |
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
|
11-10-2017 - 01:29 | 27-08-2003 - 04:00 | |
CVE-2007-5632 | 4.9 |
Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_m
|
29-09-2017 - 01:29 | 23-10-2007 - 17:46 |