Microsoft

Windows

90 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2010-3143

Exploit
  • EPSS 8.82%
  • Veröffentlicht 27.08.2010 19:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a ....

9.3

CVE-2010-3139

Exploit
  • EPSS 17.09%
  • Veröffentlicht 27.08.2010 19:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located i...

7.5

CVE-2009-3864

  • EPSS 8.56%
  • Veröffentlicht 05.11.2009 16:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which ...

7.8

CVE-2008-6194

  • EPSS 21.26%
  • Veröffentlicht 19.02.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Memory leak in the DNS server in Microsoft Windows allows remote attackers to cause a denial of service (memory consumption) via DNS packets. NOTE: this issue reportedly exists because of an incorrect fix for CVE-2007-3898.

5

CVE-2008-5112

Exploit
  • EPSS 36.45%
  • Veröffentlicht 17.11.2008 23:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitted to login, which allows remote attackers to enume...

9.3

CVE-2008-4037

Exploit
  • EPSS 75.53%
  • Veröffentlicht 12.11.2008 23:30:02
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as ...

9.3

CVE-2008-3012

  • EPSS 68.4%
  • Veröffentlicht 11.09.2008 01:11:47
  • Zuletzt bearbeitet 09.04.2025 00:30:58

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint ...

9.3

CVE-2007-5348

  • EPSS 80.64%
  • Veröffentlicht 11.09.2008 01:01:19
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerP...

6.8

CVE-2007-2108

  • EPSS 26.87%
  • Veröffentlicht 18.04.2007 18:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote attackers to have an unknown impact, aka DB01. NOTE: as of 20070424, Oracle has not disputed reliable claims t...

2.1

CVE-1999-0524

  • EPSS 0.65%
  • Veröffentlicht 01.08.1997 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.