Microsoft : Security Vulnerabilities, CVEs, Published In 2005 CVSS score >= 7
CVE-2005-4560
Public exploit
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.
Max CVSS
7.5
EPSS Score
97.36%
Published
2005-12-28
Updated
2018-10-19
CVE-2005-1983
Public exploit
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Max CVSS
10.0
EPSS Score
97.52%
Published
2005-08-10
Updated
2018-10-12
CVE-2005-1213
Public exploit
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
Max CVSS
7.5
EPSS Score
97.38%
Published
2005-06-14
Updated
2018-10-12
CVE-2005-0059
Public exploit
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
Max CVSS
10.0
EPSS Score
96.77%
Published
2005-05-02
Updated
2019-04-30
CVE-2004-1134
Public exploit
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
Max CVSS
10.0
EPSS Score
96.53%
Published
2005-01-10
Updated
2017-07-11
CVE-2004-1080
Public exploit
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
Max CVSS
10.0
EPSS Score
96.85%
Published
2005-01-10
Updated
2019-04-30
6 vulnerabilities found