Windows Xp

windows_xp

Vendor: Microsoft • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-1980 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Oct 12, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly conn...Show more Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability."Show less
CVE-2005-1979 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Oct 12, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is...Show more Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality.Show less
CVE-2005-1978 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Oct 12, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.
CVE-2005-3177 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Oct 6, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large numb...Show more CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed.Show less
CVE-2005-2765 1Microsoft 2Windows 2003 Server Windows Xp Apr 16, 2026 Sep 1, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administ...Show more The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. NOTE: the vendor disputes this issue, saying that since administrative privileges are already required, it is not a vulnerability. CVE has not yet formally decided if such "information hiding" issues should be included.Show less
CVE-2005-1984 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Aug 10, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
CVE-2005-1983 1Microsoft 2Windows 2000 Windows Xp Apr 16, 2026 Aug 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain priv...Show more Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.Show less
CVE-2005-1982 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Aug 10, 2005 N/A· v4 N/A· v3 3.6 LOW· v2 Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between...Show more Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used.Show less
CVE-2005-1218 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Aug 10, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
CVE-2005-0058 1Microsoft 6Windows 2000 Windows 2003 ServerWindows 98+3 more Apr 16, 2026 Aug 10, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or e...Show more Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.Show less
CVE-2005-2388 1Microsoft 7Windows 2000 Windows 2003 ServerWindows 95+4 more Apr 16, 2026 Jul 27, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.
CVE-2005-2307 1Microsoft 2Windows 2000 Windows Xp Apr 16, 2026 Jul 19, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connecti...Show more netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability."Show less
CVE-2005-1214 1Microsoft 7Windows 2000 Windows 2000 Terminal ServicesWindows 2003 Server+4 more Apr 16, 2026 Jun 14, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.
CVE-2005-1212 1Microsoft 7Windows 2000 Windows 2000 Terminal ServicesWindows 2003 Server+4 more Apr 16, 2026 Jun 14, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.
CVE-2005-1208 1Microsoft 4Windows 2000 Windows 2003 ServerWindows 98+1 more Apr 16, 2026 Jun 14, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that t...Show more Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.Show less
CVE-2005-1207 1Microsoft 2Windows 2003 Server Windows Xp Apr 16, 2026 Jun 14, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.
CVE-2005-1206 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Jun 14, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server M...Show more Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."Show less
CVE-2005-1935 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Jun 13, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-n...Show more Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue.Show less
CVE-2005-1792 1Microsoft 1Windows Xp Apr 16, 2026 Jun 1, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RP...Show more Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache.Show less
CVE-2005-0356 9Alaxala CiscoF5+6 more 767220 Wlan Access Point 7250 Wlan Access PointAgent Desktop+73 more Apr 16, 2026 May 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a la...Show more Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.Show less

Previous 1...293031...37 Next