Filtered by vendor Microsoft Subscriptions
Filtered by product Windows Xp Subscriptions
Total 1352 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-4071 1 Microsoft 2 Windows 2003 Server, Windows Xp 2025-04-03 N/A
Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service (application crash) via a crafted WMF file.
CVE-2005-1208 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows 98 and 1 more 2025-04-03 N/A
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
CVE-2005-1207 1 Microsoft 2 Windows 2003 Server, Windows Xp 2025-04-03 N/A
Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special parameters.
CVE-2005-1206 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2025-04-03 N/A
Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."
CVE-2002-0283 1 Microsoft 1 Windows Xp 2025-04-03 N/A
Windows XP with port 445 open allows remote attackers to cause a denial of service (CPU consumption) via a flood of TCP SYN packets containing possibly malformed data.
CVE-2006-3945 2 Microsoft, Opera 2 Windows Xp, Opera Browser 2025-04-03 N/A
The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption.
CVE-2006-3915 1 Microsoft 2 Internet Explorer, Windows Xp 2025-04-03 N/A
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference.
CVE-2006-3730 1 Microsoft 3 Ie, Internet Explorer, Windows Xp 2025-04-03 N/A
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
CVE-2006-3729 1 Microsoft 2 Internet Explorer, Windows Xp 2025-04-03 N/A
DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference.
CVE-2006-3648 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2025-04-03 N/A
Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception."
CVE-2006-3512 1 Microsoft 2 Internet Explorer, Windows Xp 2025-04-03 N/A
Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference.
CVE-2006-3440 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2025-04-03 N/A
Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability."
CVE-2006-3209 1 Microsoft 1 Windows Xp 2025-04-03 N/A
The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permissions, which allows local users to gain privileges. NOTE: this issue has been disputed by third parties, who state that the Task scheduler is limited to the Administrators group by default upon installation
CVE-2006-2056 1 Microsoft 2 Internet Explorer, Windows Xp 2025-04-03 N/A
Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API.
CVE-2006-1626 1 Microsoft 2 Internet Explorer, Windows Xp 2025-04-03 N/A
Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192.
CVE-2006-1314 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2025-04-03 N/A
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages.
CVE-2006-0143 1 Microsoft 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more 2025-04-03 N/A
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.
CVE-2006-0013 1 Microsoft 2 Windows 2003 Server, Windows Xp 2025-04-03 N/A
Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207.
CVE-2006-0012 1 Microsoft 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more 2025-04-03 N/A
Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."
CVE-2006-0006 1 Microsoft 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more 2025-04-03 N/A
Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.