National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:microsoft:windows_xp:-:sp1:embedded
There are 202 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2006-1184

Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.

Published: May 09, 2006; 10:14:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2006-0005

Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

Published: February 14, 2006; 02:06:00 PM -05:00
    V2: 9.3 HIGH
CVE-2006-0021

Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."

Published: February 14, 2006; 02:06:00 PM -05:00
    V2: 7.8 HIGH
CVE-2005-2388

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

Published: July 27, 2005; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2005-1208

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.

Published: June 14, 2005; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2005-1212

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

Published: June 14, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2005-1214

Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

Published: June 14, 2005; 12:00:00 AM -04:00
    V2: 5.1 MEDIUM
CVE-2005-0356

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.

Published: May 31, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-1649

The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016).

Published: May 18, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-0048

Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability."

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2005-0059

Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2005-0904

Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2005-0416

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.

Published: April 27, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2004-0979

Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration.

Published: December 31, 2004; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2004-1305

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.

Published: December 23, 2004; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2004-1623

The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF.

Published: October 22, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2003-1469

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.

Published: December 31, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0659

Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.

Published: November 17, 2003; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2003-0660

The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.

Published: November 17, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0813

A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.

Published: November 17, 2003; 12:00:00 AM -05:00
    V2: 5.1 MEDIUM