Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.
Max Base Score
4.6
Published
2004-12-31
Updated
2017-07-29
EPSS
0.05%
Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks.
Max Base Score
4.3
Published
2004-12-31
Updated
2021-07-23
EPSS
0.41%
Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
Max Base Score
5.8
Published
2004-12-31
Updated
2016-10-18
EPSS
0.39%
Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive.
Max Base Score
3.7
Published
2004-12-31
Updated
2017-07-20
EPSS
0.37%
Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code.
Max Base Score
5.0
Published
2004-12-31
Updated
2017-07-11
EPSS
10.71%
Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source.
Max Base Score
2.6
Published
2004-12-31
Updated
2021-07-23
EPSS
13.11%
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.
Max Base Score
5.0
Published
2004-12-31
Updated
2017-07-11
EPSS
6.21%
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. NOTE: the discloser claimed that the vendor does not categorize this as a vulnerability, but it can be used in a spoofing scenario; the discloser provides alternate scenarios. Spoofing scenarios are currently included in CVE.
Max Base Score
5.1
Published
2004-12-31
Updated
2021-07-23
EPSS
92.31%
Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.
Max Base Score
2.1
Published
2004-12-31
Updated
2017-07-11
EPSS
0.07%
** DISPUTED ** Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossed.
Max Base Score
7.2
Published
2004-12-31
Updated
2019-04-30
EPSS
0.04%
Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A.
Max Base Score
5.0
Published
2004-12-31
Updated
2021-07-23
EPSS
1.34%
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
Max Base Score
7.5
Published
2004-12-31
Updated
2021-07-23
EPSS
5.21%
Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file.
Max Base Score
10.0
Published
2004-12-31
Updated
2018-10-12
EPSS
0.84%
Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.
Max Base Score
2.6
Published
2004-12-31
Updated
2021-07-23
EPSS
84.04%
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
Max Base Score
5.0
Published
2004-12-31
Updated
2008-09-05
EPSS
0.88%
The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.
Max Base Score
4.6
Published
2004-12-31
Updated
2008-09-05
EPSS
0.06%
Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.
Max Base Score
5.0
Published
2004-12-31
Updated
2017-07-11
EPSS
5.76%
Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.
Max Base Score
5.0
Published
2004-02-10
Updated
2008-09-05
EPSS
2.78%
Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.
Max Base Score
5.0
Published
2004-02-07
Updated
2021-07-23
EPSS
5.93%
msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI.
Max Base Score
2.6
Published
2004-12-31
Updated
2021-07-23
EPSS
0.39%
Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size.
Max Base Score
2.6
Published
2004-04-11
Updated
2021-07-23
EPSS
0.30%
Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin.
Max Base Score
5.0
Published
2004-09-15
Updated
2017-07-11
EPSS
0.69%
Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.
Max Base Score
7.2
Published
2004-08-31
Updated
2017-07-11
EPSS
0.05%
The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF.
Max Base Score
5.0
Published
2004-10-22
Updated
2017-07-11
EPSS
6.05%
Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow.
Max Base Score
5.0
Published
2004-12-31
Updated
2017-07-11
EPSS
84.42%
143 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!