Windows Xp

windows_xp

Vendor: Microsoft • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-0688 1Microsoft 2Windows 2003 Server Windows Xp Apr 16, 2026 Mar 5, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address...Show more Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).Show less
CVE-2004-0897 1Microsoft 2Windows 2003 Server Windows Xp Apr 16, 2026 Jan 11, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2004-0901 1Microsoft 7Windows 2000 Windows 2003 ServerWindows 98+4 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent b...Show more Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571.Show less
CVE-2004-0894 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed pr...Show more LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.Show less
CVE-2004-0893 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows l...Show more The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."Show less
CVE-2004-0571 1Microsoft 7Windows 2000 Windows 2003 ServerWindows 98+4 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "...Show more Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901.Show less
CVE-2004-0568 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute a...Show more HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.Show less
CVE-2004-2365 1Microsoft 2Windows 2003 Server Windows Xp Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.
CVE-2004-2339 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Dec 31, 2004 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does n...Show more Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossedShow less
CVE-2004-2307 1Microsoft 2Internet Explorer Windows Xp Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A.
CVE-2004-2289 1Microsoft 1Windows Xp Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file.
CVE-2004-2176 1Microsoft 1Windows Xp Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access...Show more The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.Show less
CVE-2004-1306 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.
CVE-2004-1049 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer o...Show more Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."Show less
CVE-2004-1043 1Microsoft 2Internet Explorer Windows Xp Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth...Show more Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as demonstrated using "writehta.txt" and the ADODB recordset, which saves a .HTA file to the local system, aka the "HTML Help ActiveX control Cross Domain Vulnerability."Show less
CVE-2004-0979 1Microsoft 3Ie Internet ExplorerWindows Xp Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsi...Show more Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration.Show less
CVE-2004-1361 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Dec 23, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based...Show more Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.Show less
CVE-2004-1305 2Microsoft Nortel 19Ip Softphone 2050 Media Communication Server 5100Media Communication Server 5200+16 more Apr 16, 2026 Dec 23, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, whi...Show more The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang.Show less
CVE-2004-1319 2Microsoft Nortel 9Ip Softphone 2050 Mobile Voice Client 2050Optivity Telephony Manager+6 more Apr 16, 2026 Dec 15, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then inj...Show more The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.Show less
CVE-2004-0840 1Microsoft 3Exchange Server Windows Server 2003Windows Xp Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allow...Show more The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.Show less

Previous 1...313233...37 Next