CVE-2008-1453
- EPSS 2.39%
- Veröffentlicht 12.06.2008 02:32:00
- Zuletzt bearbeitet 16.06.2026 22:51:46
The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.
CVE-2007-6255
- EPSS 30.18%
- Veröffentlicht 23.04.2008 13:05:00
- Zuletzt bearbeitet 16.06.2026 22:47:42
Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.
- EPSS 36.83%
- Veröffentlicht 21.04.2008 17:05:00
- Zuletzt bearbeitet 16.06.2026 22:51:43
Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service ...
CVE-2008-0087
- EPSS 32.45%
- Veröffentlicht 08.04.2008 23:05:00
- Zuletzt bearbeitet 16.06.2026 22:48:54
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
CVE-2008-1083
- EPSS 57.1%
- Veröffentlicht 08.04.2008 23:05:00
- Zuletzt bearbeitet 16.06.2026 22:50:57
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a mal...
CVE-2008-1084
- EPSS 6.75%
- Veröffentlicht 08.04.2008 23:05:00
- Zuletzt bearbeitet 16.06.2026 22:50:57
Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: i...
CVE-2008-1086
- EPSS 30.54%
- Veröffentlicht 08.04.2008 23:05:00
- Zuletzt bearbeitet 16.06.2026 22:50:57
The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, wh...
CVE-2008-1087
- EPSS 56.6%
- Veröffentlicht 08.04.2008 23:05:00
- Zuletzt bearbeitet 16.06.2026 22:50:57
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflo...
CVE-2008-0951
- EPSS 30.11%
- Veröffentlicht 24.03.2008 22:44:00
- Zuletzt bearbeitet 16.06.2026 22:50:40
Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a (1) CD-ROM device or (2) U3-en...
CVE-2008-0084
- EPSS 73.6%
- Veröffentlicht 12.02.2008 21:00:00
- Zuletzt bearbeitet 16.06.2026 22:48:54
Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet.