Microsoft : Security Vulnerabilities, CVEs, Published In 2005 (Overflow)
HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.
Max CVSS
10.0
EPSS Score
9.21%
Published
2005-01-10
Updated
2019-04-30
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
Max CVSS
10.0
EPSS Score
59.25%
Published
2005-01-11
Updated
2018-10-12
Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.
Max CVSS
10.0
EPSS Score
27.79%
Published
2005-02-09
Updated
2018-10-12
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.
Max CVSS
10.0
EPSS Score
7.14%
Published
2005-02-09
Updated
2020-12-09
CVE-2004-1134
Public exploit
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
Max CVSS
10.0
EPSS Score
96.53%
Published
2005-01-10
Updated
2017-07-11
CVE-2005-0059
Public exploit
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
Max CVSS
10.0
EPSS Score
97.03%
Published
2005-05-02
Updated
2019-04-30
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
Max CVSS
10.0
EPSS Score
1.31%
Published
2005-05-02
Updated
2018-10-12
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
Max CVSS
10.0
EPSS Score
45.39%
Published
2005-06-14
Updated
2018-10-12
CVE-2005-1983
Public exploit
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Max CVSS
10.0
EPSS Score
97.52%
Published
2005-08-10
Updated
2018-10-12
Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.
Max CVSS
10.0
EPSS Score
95.41%
Published
2005-10-21
Updated
2019-04-30
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.
Max CVSS
7.5
EPSS Score
55.89%
Published
2005-02-08
Updated
2018-10-12
The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow.
Max CVSS
7.5
EPSS Score
78.10%
Published
2005-05-02
Updated
2019-04-30
Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.
Max CVSS
7.5
EPSS Score
4.41%
Published
2005-08-10
Updated
2018-10-12
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
Max CVSS
7.5
EPSS Score
88.51%
Published
2005-04-27
Updated
2019-04-30
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
Max CVSS
7.5
EPSS Score
95.67%
Published
2005-05-02
Updated
2021-07-23
Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability."
Max CVSS
7.5
EPSS Score
92.40%
Published
2005-04-12
Updated
2021-07-23
Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.
Max CVSS
7.5
EPSS Score
71.85%
Published
2005-05-02
Updated
2020-04-09
Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information.
Max CVSS
7.5
EPSS Score
14.55%
Published
2005-07-12
Updated
2018-10-12
Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."
Max CVSS
7.5
EPSS Score
52.69%
Published
2005-06-14
Updated
2018-10-12
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.
Max CVSS
7.5
EPSS Score
14.08%
Published
2005-06-14
Updated
2019-04-30
CVE-2005-1213
Public exploit
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
Max CVSS
7.5
EPSS Score
97.38%
Published
2005-06-14
Updated
2018-10-12
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
Max CVSS
7.5
EPSS Score
94.49%
Published
2005-07-12
Updated
2018-10-12
Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue.
Max CVSS
7.5
EPSS Score
83.01%
Published
2005-06-13
Updated
2017-07-11
Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
Max CVSS
7.5
EPSS Score
84.05%
Published
2005-08-10
Updated
2018-10-12
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
Max CVSS
7.5
EPSS Score
90.08%
Published
2005-10-13
Updated
2020-04-09