Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Xp
Subscriptions
Total
1352 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-1983 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2025-04-03 | N/A |
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
CVE-2002-2105 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | ||||
CVE-2006-3730 | 1 Microsoft | 3 Ie, Internet Explorer, Windows Xp | 2025-04-03 | N/A |
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. | ||||
CVE-2006-2370 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." | ||||
CVE-2006-2218 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2025-04-03 | N/A |
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992. | ||||
CVE-2006-1313 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more | 2025-04-03 | N/A |
Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. | ||||
CVE-2005-2118 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122. | ||||
CVE-2005-2117 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Explorer and 1 more | 2025-04-03 | N/A |
Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code. | ||||
CVE-2002-1325 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2025-04-03 | N/A |
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | ||||
CVE-2002-2324 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify registry settings. | ||||
CVE-2002-2028 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2025-04-03 | N/A |
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. | ||||
CVE-2005-0048 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2025-04-03 | N/A |
Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability." | ||||
CVE-2005-0047 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability." | ||||
CVE-2005-1218 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
CVE-2005-1207 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters. | ||||
CVE-2005-0059 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2025-04-03 | N/A |
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message. | ||||
CVE-2005-0058 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more | 2025-04-03 | N/A |
Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message. | ||||
CVE-2005-0051 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability." | ||||
CVE-2005-1792 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache. | ||||
CVE-2005-0688 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016). |