Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows_xp:-:gold:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-1735 |
The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x4c value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window. Published: May 06, 2010; 8:47:23 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2010-1734 |
The SfnINSTRING function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x18d value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window. Published: May 06, 2010; 8:47:23 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-3473 |
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability." Published: October 14, 2008; 8:12:15 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-0077 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability." Published: February 12, 2008; 6:00:00 PM -0500 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |