Windows Xp

windows_xp

Vendor: Microsoft • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0575 1Microsoft 2Windows 2003 Server Windows Xp Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped)...Show more Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.Show less
CVE-2004-0214 1Microsoft 5Internet Explorer Windows 2000Windows 98+2 more Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly exe...Show more Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.Show less
CVE-2004-0209 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enha...Show more Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."Show less
CVE-2004-0208 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 7.2 HIGH· v2 The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified...Show more The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.Show less
CVE-2004-0207 1Microsoft 5Windows 2000 Windows 2003 ServerWindows 98+2 more Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privil...Show more "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions.Show less
CVE-2004-0206 1Microsoft 5Windows 2000 Windows 2003 ServerWindows 98+2 more Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges v...Show more Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.Show less
CVE-2004-1623 1Microsoft 1Windows Xp Apr 16, 2026 Oct 22, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF.
CVE-2004-0200 1Microsoft 23.net Framework Digital Image ProDigital Image Suite+20 more Apr 16, 2026 Sep 28, 2004 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM fiel...Show more Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.Show less
CVE-2004-0839 3Avaya MicrosoftNortel 18Definity One Media Server IeInternet Explorer+15 more Apr 16, 2026 Aug 18, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, a...Show more Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".Show less
CVE-2004-0230 7Juniper McafeeMicrosoft+4 more 12Junos NetbsdNetwork Data Loss Prevention+9 more May 2, 2025 Aug 18, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet,...Show more TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.Show less
CVE-2004-0212 2Avaya Microsoft 8Definity One Media Server IeIp600 Media Servers+5 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters,...Show more Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.Show less
CVE-2004-0202 1Microsoft 7Directx Windows 2000Windows 2003 Server+4 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malfo...Show more IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.Show less
CVE-2004-0201 2Avaya Microsoft 11Definity One Media Server Ip600 Media ServersModular Messaging Message Storage Server+8 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large...Show more Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.Show less
CVE-2003-1048 1Microsoft 8Internet Explorer OutlookWindows 98+5 more Apr 16, 2026 Jul 27, 2004 N/A· v4 7.8 HIGH· v3 10.0 HIGH· v2 Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
CVE-2004-0474 1Microsoft 1Windows Xp Apr 16, 2026 Jul 7, 2004 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, sev...Show more Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue.Show less
CVE-2004-0199 1Microsoft 2Windows 2003 Server Windows Xp Apr 16, 2026 Jun 14, 2004 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that acc...Show more Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).Show less
CVE-2004-0124 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 2.6 LOW· v2 The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity V...Show more The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."Show less
CVE-2004-0123 1Microsoft 7Windows 2000 Windows 2003 ServerWindows 98+4 more Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2004-0120 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
CVE-2004-0119 1Microsoft 3Windows 2000 Windows Server 2003Windows Xp Apr 16, 2026 Jun 1, 2004 N/A· v4 7.5 HIGH· v3 7.5 HIGH· v2 The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code...Show more The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.Show less

Previous 1...323334...37 Next