CVE-2009-2498
- EPSS 21.21%
- Veröffentlicht 08.09.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:35
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) ...
CVE-2009-2499
- EPSS 15.55%
- Veröffentlicht 08.09.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:35
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory ...
CVE-2009-2519
- EPSS 25.62%
- Veröffentlicht 08.09.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:37
The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system ...
CVE-2009-1133
- EPSS 30.5%
- Veröffentlicht 12.08.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:34
Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unsp...
CVE-2009-1922
- EPSS 1.35%
- Veröffentlicht 12.08.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:08:22
The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users ...
CVE-2009-1923
- EPSS 24.66%
- Veröffentlicht 12.08.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:08:22
Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buf...
CVE-2009-1924
- EPSS 8.84%
- Veröffentlicht 12.08.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:08:22
Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability....
- EPSS 41.39%
- Veröffentlicht 12.08.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:08:22
The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of ...
- EPSS 42.33%
- Veröffentlicht 12.08.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:34
The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operation...
CVE-2009-1919
- EPSS 34.04%
- Veröffentlicht 29.07.2009 17:30:01
- Zuletzt bearbeitet 16.06.2026 23:08:21
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n...