CVE-2006-1313

all versions

Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "rele

CVE-2006-2376

all versions

Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers t

CVE-2006-0012

all versions

Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote att

CVE-2006-0006

all versions

Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Playe

CVE-2006-0010

all versions

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, an

CVE-2006-0020

all versions

An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Window

CVE-2006-0143

all versions

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash)

CVE-2005-0058

all versions

Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Win

CVE-2005-2388

all versions

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

CVE-2005-1214

all versions

Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompt

CVE-2005-1212

all versions

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via

CVE-2005-1793

all versions

User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of

CVE-2005-1191

all versions

The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in

CVE-2005-1184

all versions

The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP pa

CVE-2005-0063

all versions

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allow

CVE-2005-0061

all versions

The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via ce

CVE-2005-0060

all versions

Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows

CVE-2005-0059

all versions

Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute a

CVE-2005-0057

all versions

The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a cra

CVE-2005-0053

all versions

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-D

CVE-2005-0044

all versions

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the l

CVE-2005-0416

all versions

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 all

CVE-2004-0790

all versions

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed I

CVE-2004-0901

all versions

Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, whic

CVE-2004-0571

all versions

Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute

CVE-2004-1305

all versions

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 all

CVE-2004-1319

all versions

The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name f

CVE-2004-0597

all versions

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary c

CVE-2004-0839

all versions

Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary progr

CVE-2004-0230

all versions

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service

CVE-2004-0202

all versions

IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and ea

CVE-2004-0201

all versions

Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Serve

CVE-2003-1048

all versions

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of

7.8HIGH

CVE-2004-0123

all versions

Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allow

CVE-2003-0469

all versions

Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial

CVE-2003-0010

all versions

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows op

CVE-2002-2185

all versions

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a t

CVE-2002-1325

all versions

Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java

CVE-2002-1260

all versions

The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass

CVE-2002-1258

all versions

Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other a

CVE-2002-1257

all versions

Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a

CVE-2002-1183

all versions

Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote atta

CVE-2002-0694

all versions

The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Win

CVE-2002-0693

all versions

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4

CVE-2002-0862

all versions

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Micros

CVE-2002-0699

all versions

Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Mi

CVE-2002-0070

all versions

Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary cod

CVE-2002-0053

all versions

Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers

CVE-2001-0877

all versions

Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoo

CVE-2001-0876

all versions

Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary cod

CVE-2001-0721

all versions

Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consum

CVE-2001-1055

all versions

The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malforme

CVE-2001-0238

all versions

Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Z

CVE-2000-1039

all versions

Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with

CVE-2000-0980

all versions

NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, whi

CVE-2000-0979

all versions

File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, wh

CVE-2000-1003

all versions

NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing servi

CVE-2000-0790

all versions

The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse

CVE-2000-1218

all versions

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching par

9.8CRITICAL

CVE-2000-0168

all versions

Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device nam

CVE-1999-0909

all versions

Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options

CVE-1999-0875

all versions

DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.