U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:microsoft:windows_xp:-:gold:home:*:*:*:*:*
  • CPE Name Search: true
There are 335 matching records.
Displaying matches 201 through 220.
Vuln ID Summary CVSS Severity
CVE-2006-0008

The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.

Published: February 14, 2006; 2:06:00 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-0013

Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207.

Published: February 14, 2006; 2:06:00 PM -0500
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2006-0021

Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."

Published: February 14, 2006; 2:06:00 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-0376

The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place.

Published: January 22, 2006; 3:03:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2006-0010

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.

Published: January 10, 2006; 5:03:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2006-0143

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.

Published: January 09, 2006; 3:03:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2005-4560

The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer (SHIMGVW.DLL), a different vulnerability than CVE-2005-2123 and CVE-2005-2124, and as originally discovered in the wild on unionseek.com.

Published: December 28, 2005; 2:03:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2005-4269

mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer 6.0 SP1 allows attackers to cause a denial of service (access violation) by causing mshtml.dll to process button-focus events at the same time that a document is reloading, as seen in Microsoft Office InfoPath 2003 by repeatedly clicking the "Delete" button in a repeating section in a form. NOTE: the normal operation of InfoPath appears to involve a local user without any privilege boundaries, so this might not be a vulnerability in InfoPath. If no realistic scenarios exist for this problem in other products, then perhaps it should be excluded from CVE.

Published: December 15, 2005; 3:11:00 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2005-3981

** DISPUTED ** NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE.

Published: December 04, 2005; 6:03:00 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2005-3644

PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120.

Published: November 17, 2005; 6:02:00 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2005-2118

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122.

Published: October 21, 2005; 2:02:00 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2005-2122

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118.

Published: October 21, 2005; 2:02:00 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2005-3177

CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed.

Published: October 06, 2005; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2005-0058

Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.

Published: August 10, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2005-1218

The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.

Published: August 10, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-2388

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

Published: July 27, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-2307

netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability."

Published: July 19, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-1207

Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.

Published: June 14, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-1208

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.

Published: June 14, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2005-1212

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

Published: June 14, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH