Windows Xp

windows_xp

Vendor: Microsoft • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-0843 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Vista+1 more Apr 23, 2026 Feb 23, 2007 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (...Show more The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that do not have LIST permissions, which can be leveraged to determine filenames, access times, and other sensitive information.Show less
CVE-2007-0214 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters...Show more The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters.Show less
CVE-2007-0211 1Microsoft 2Windows 2003 Server Windows Xp Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 7.2 HIGH· v2 The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the...Show more The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of new hardware."Show less
CVE-2007-0210 1Microsoft 1Windows Xp Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 7.2 HIGH· v2 The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 allows local users to gain privileges via unspecified vectors involving an "unchecked buffer," probably a buffer overflow.
CVE-2007-0026 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 7.6 HIGH· v2 The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption.
CVE-2006-1311 1Microsoft 5Learning Essentials OfficeWindows 2000+2 more Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted...Show more The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.Show less
CVE-2006-6797 1Microsoft 1Windows Xp Apr 23, 2026 Dec 28, 2006 N/A· v4 N/A· v3 6.6 MEDIUM· v2 The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash) or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function wit...Show more The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash) or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696.Show less
CVE-2006-6723 1Microsoft 2Windows 2000 Windows Xp Apr 23, 2026 Dec 26, 2006 N/A· v4 N/A· v3 7.8 HIGH· v2 The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to cause a denial of service (memory consumption) via a large maxlen value in an NetrWkstaUserEnum RPC request.
CVE-2006-6696 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Vista+1 more Apr 23, 2026 Dec 22, 2006 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a Ha...Show more Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem (CSRSS) process, which is not properly handled when invoking the UserHardError and GetHardErrorText functions in WINSRV.DLL.Show less
CVE-2006-6659 1Microsoft 3Ie OutlookWindows Xp Apr 23, 2026 Dec 20, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML.
CVE-2006-6602 1Microsoft 2Windows Explorer Windows Xp Apr 23, 2026 Dec 15, 2006 N/A· v4 N/A· v3 4.3 MEDIUM· v2 explorer.exe in Windows Explorer 6.00.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a crafted WMV file.
CVE-2006-6601 2Microsoft Windows 2Media Player Windows Xp Apr 23, 2026 Dec 15, 2006 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a .MID (MIDI) file with a malformed header chunk without any track chunks, possibly in...Show more Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a .MID (MIDI) file with a malformed header chunk without any track chunks, possibly involving (1) number of tracks of (2) time division fields that are set to 0.Show less
CVE-2006-5585 1Microsoft 2Windows 2003 Server Windows Xp Apr 23, 2026 Dec 13, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."
CVE-2006-4702 1Microsoft 3Windows 2003 Server Windows Media PlayerWindows Xp Apr 23, 2026 Dec 13, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advance...Show more Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.Show less
CVE-2006-6296 1Microsoft 2Windows 2000 Windows Xp Apr 23, 2026 Dec 5, 2006 N/A· v4 N/A· v3 6.1 MEDIUM· v2 The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory c...Show more The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.Show less
CVE-2006-4689 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 23, 2026 Nov 14, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in the driver for the Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to cause a denial of service (hang and reboot) vi...Show more Unspecified vulnerability in the driver for the Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to cause a denial of service (hang and reboot) via has unknown attack vectors, aka "NetWare Driver Denial of Service Vulnerability."Show less
CVE-2006-4688 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 23, 2026 Nov 14, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWar...Show more Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability."Show less
CVE-2006-4691 1Microsoft 2Windows 2000 Windows Xp Apr 23, 2026 Nov 14, 2006 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC...Show more Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.Show less
CVE-2006-3445 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 23, 2026 Nov 14, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length val...Show more Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.Show less
CVE-2006-5758 1Microsoft 2Windows 2000 Windows Xp Apr 23, 2026 Nov 6, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remap...Show more The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures.Show less

Previous 1...252627...37 Next