SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Search Results

MetricIDDate
Public		Name
94.5VU#25423609/10/2003Microsoft Windows RPCSS Service contains heap overflow in DCOM request filename handling
94.5VU#48349209/10/2003Microsoft Windows RPCSS Service contains heap overflow in DCOM activation routines
78VU#11739403/17/2003Buffer Overflow in Core Microsoft Windows DLL
58.27VU#65076908/08/2006Microsoft Windows Server service buffer overflow
58.21VU#93652911/16/2007Microsoft Jet Engine stack buffer overflow
51.63VU#95155512/20/2001Microsoft Windows Universal Plug and Play (UPNP) vulnerable to buffer overflow via malformed advertisement packets
47.04VU#30973908/12/2008Microsoft Color Management System (MSCMS) module remote code execution
46.57VU#22802807/13/2004Microsoft Windows Task Scheduler Buffer Overflow
45.56VU#56762011/11/2003Microsoft Windows Workstation service vulnerable to buffer overflow when sent specially crafted network message
45.24VU#27449610/12/2004Microsoft Excel parameter validation error
44.04VU#54522807/13/2009Microsoft Office Web Components Spreadsheet ActiveX control vulnerability
43.28VU#39926007/24/2002Microsoft SQL Server 2000 contains heap buffer overflow in SQL Server Resolution Service
43.28VU#48489107/24/2002Microsoft SQL Server 2000 contains stack buffer overflow in SQL Server Resolution Service
42.52VU#43413704/10/2007Microsoft Content Management Server fails to properly process crafted HTTP requests
41.04VU#49251501/14/2010Microsoft Internet Explorer HTML object memory corruption vulnerability
40.71VU#60802006/13/2006Microsoft Windows Media Player PNG processing buffer overflow
37.93VU#39004406/13/2006Microsoft JScript memory corruption vulnerability
37.86VU#16792812/05/2006Microsoft Word malformed string vulnerability
37.46VU#22204406/03/2003Microsoft Windows Media Player fails to properly launch URLs based on Dynamic HTML (DHTML) behaviors
33.75VU#63546308/10/2000Microsoft SQL Server and Microsoft Data Engine (MSDE) ship with a null default password
33.66VU#60986807/11/2006Microsoft Office string parsing vulnerability
33.41VU#68282003/14/2006Microsoft Office routing slip buffer overflow
31.64VU#46703610/15/2003Microsoft Help and Support Center contains buffer overflow in code used to handle HCP protocol
28.43VU#23806412/12/2006Microsoft Remote Installation Service Writable Path Vulnerability
27.1VU#61620010/12/2004Microsoft Windows Shell contains a buffer overflow
27VU#19785211/14/2006Microsoft Internet Explorer fails to properly interpret HTML with certain layout combinations
27VU#29139602/14/2006Microsoft Windows Media Player vulnerable to buffer overflow in bitmap processing routine
27VU#64146004/11/2006Microsoft Windows fails to properly handle COM objects
26.73VU#93204102/13/2007Microsoft MFC component vulnerable to remote code execution via malformed embedded OLE object
25.65VU#51157702/13/2007Microsoft Malware Protection Engine fails to properly process a specially crafted PDF File
25.51VU#18719607/13/2004Microsoft Windows fails to properly process showHelp URLs
25.51VU#25214601/10/2006Microsoft Outlook and Microsoft Exchange TNEF decoding buffer overflow
25.31VU#33776407/09/2003Microsoft Windows fails to properly validate buffer size of incoming SMB packets
25.24VU#54390705/13/2008Microsoft Office fails to properly handle specially crafted Rich Text Format files
24.97VU#61374002/02/2007Microsoft Excel memory access vulnerability
24.3VU#15556304/08/2008Microsoft Office Project vulnerable to remote code execution via specially crafted Project file
23.72VU#37816012/14/2004Microsoft Windows Internet Naming Service (WINS) contains a buffer overflow
23.28VU#28706710/04/2001Microsoft PowerPoint and Excel fail to properly detect macros thereby automatically executing malicious code via crafted document (MS01-050)
22.57VU#81077211/14/2006Microsoft Agent fails to properly handle specially crafted .ACF files
22.27VU#30345205/09/2006Microsoft Exchange fails to properly handle vCal and iCal properties
22.03VU#27186001/09/2007Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
21VU#83928402/14/2006Microsoft Windows TCP/IP fails to properly validate IGMP packets
19.23VU#17655610/10/2006Microsoft Office fails to properly parse malformed records
19.23VU#23490010/10/2006Microsoft Office fails to properly parse malformed strings
19.23VU#80778010/10/2006Microsoft Office fails to properly parse malformed Smart Tags
17.95VU#53427610/10/2006Microsoft Office fails to properly parse malformed chart records
16.82VU#80478009/03/2003Microsoft Visual Basic for Applications (VBA) does not adequately validate document properties
16.4VU#90158412/12/2006Microsoft Windows SNMP Memory Corruption Vulnerability
16.2VU#25382505/08/2007Microsoft Excel fails to properly process files with crafted filter records
16.12VU#49062807/14/2005Microsoft Windows Remote Desktop Protocol service input validation vulnerability
16.03VU#58003607/11/2006Microsoft Office fails to properly handle malformed strings
15.18VU#13818806/13/2006Microsoft Outlook Web Access for Exchange Server script injection vulnerability
14.72VU#31938512/11/2007Microsoft Windows Media Format Runtime ASF handling buffer overflow
14.63VU#41600102/08/2005Microsoft Office XP contains buffer overflow vulnerability
14.42VU#96766810/15/2003Microsoft Windows ListBox and ComboBox controls vulnerable to buffer overflow when supplied crafted Windows message
14.17VU#43544410/15/2003Microsoft Outlook Web Access (OWA) contains cross-site scripting vulnerability in the "Compose New Message" form
12.82VU#90827608/08/2006Microsoft Winsock buffer overflow
12.65VU#48481405/11/2004Microsoft Help and Support Center (HCP) fails to properly validate HCP URLs
12.65VU#82062810/10/2006Microsoft Server Service fails to properly handle network messages
12.48VU#91865207/23/2003Microsoft SQL Server becomes unresponsive when large packet is sent to specific named pipe
11.7VU#30037306/14/2005Microsoft Outlook Web Access vulnerable to cross-site scripting
10.68VU#91593001/10/2006Microsoft embedded web font buffer overflow
10.6VU#13915001/13/2004Microsoft Data Access Components (MDAC) contains buffer overflow
9.94VU#45551609/12/2006Microsoft PGM vulnerable to remote code execution
9.56VU#61970702/19/2002Microsoft SQL Server contains buffer overflows in openrowset and opendatasource macros
9.56VU#22856112/08/2009Microsoft Indeo video codecs contain multiple vulnerabilities
9.36VU#15525207/02/2003Microsoft Windows 2000 SMTP service vulnerable to DoS when processing message with corrupted time stamp
9.28VU#62733104/02/2009Microsoft Office PowerPoint code execution vulnerability
9VU#71854206/14/2005Microsoft Agent vulnerable to trusted site spoofing
8.85VU#27932307/24/2002Microsoft SQL Server contains buffer overflows in several Database Consistency Checkers
8.77VU#33240402/09/2007Microsoft Word fails to properly handle malformed strings
7.89VU#41151608/08/2006Microsoft Windows kernel fails to properly manage exception handling
7.48VU#86964007/13/2004Microsoft Outlook Express fails to properly validate malformed e-mail headers
7.25VU#80408912/11/2007Microsoft DirectX SAMI parsing buffer overflow
6.88VU#92667612/09/2008Microsoft WordPad Text Converter vulnerable to remote code execution
6.37VU#73984402/14/2006Microsoft Windows Korean Input Method Editor vulnerability
5.68VU#38890002/14/2006Microsoft Web Client Service vulnerable to buffer overflow
5.31VU#37030807/24/2002Microsoft SQL Server 2000 contains denial-of-service vulnerability in SQL Server Resolution Service
5.13VU#46687302/13/2007Microsoft Step-by-Step Interactive Training contains a buffer overflow
4.86VU#93907402/08/2005Microsoft Windows XP named pipe fails to restrict anonymous access
4.72VU#58160307/24/2001Microsoft Services for UNIX Network File System (NFS) server is vulnerable to denial of service via memory leak
4.25VU#99485107/24/2001Microsoft Services for UNIX Telnet server is vulnerable to denial of service via memory leak
4.09VU#61743601/09/2007Microsoft Outlook vulnerable to DoS via a malformed email message
3.44VU#55548905/08/2007Microsoft Word fails to properly parse crafted rich text content
3.18VU#67313410/13/2004Microsoft MSN "Hrtbeat.ocx" ActiveX control contains unspecified vulnerability
3.09VU#86630505/08/2007Microsoft Cryptographic API Component Object Model Certificates ActiveX control contains a remote code execution vulnerability
2.52VU#92130010/10/2006Microsoft Word vulnerable to remote code execution
2.43VU#65018104/12/2005Microsoft Object Management DoS Vulnerability
2.36VU#11926210/12/2004Microsoft Windows kernel fails to reset values in CPU data structures
2.29VU#33795304/10/2007Microsoft Windows Kernel vulnerable to privilege escalation
2.25VU#44756904/09/2003Microsoft Windows Virtual Machine (VM) ByteCode Verifier fails to properly check Java applets for malicious code
1.68VU#96362802/14/2006Microsoft PowerPoint may disclose information in the Temporary Internet Files Folder
1.19VU#63151606/13/2006Microsoft Routing and Remote Access does not properly handle RPC requests
0.9VU#44943809/14/2004Microsoft Office WordPerfect 5.x Converter contains a buffer overflow vulnerability
0.6VU#89971308/27/2002Microsoft Word and Excel documents allow local file reading by via embedded fields
0.39VU#34895307/10/2007Microsoft Windows Active Directory fails to properly validate client sent LDAP requests
0.37VU#76844009/11/2007Microsoft Windows Services for UNIX privilege escalation vulnerability
0.07VU#21984804/10/2007Microsoft Windows Vista CSRSS privilege escalation vulnerability
0VU#15948408/08/2006Microsoft Visual Basic for Applications buffer overflow
0VU#71687209/11/2007Microsoft Agent fails to properly handle specially crafted URLs

If this page is empty, your search did not match any documents.

Produced 2010 by US-CERT, a government organization
Disclaimers and copyright information