Microsoft

Windows Vista

828 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.9

CVE-2007-3036

  • EPSS 3.76%
  • Published 12.09.2007 01:17:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "...

6.8

CVE-2007-3032

  • EPSS 58.35%
  • Published 14.08.2007 22:17:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported.

4.3

CVE-2007-3033

  • EPSS 42.33%
  • Published 14.08.2007 22:17:00
  • Last modified 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes, which are no...

6.8

CVE-2007-3891

  • EPSS 52.12%
  • Published 14.08.2007 22:17:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.

4.3

CVE-2007-4247

  • EPSS 28.81%
  • Published 08.08.2007 23:17:00
  • Last modified 09.04.2025 00:30:58

Windows Calendar on Microsoft Windows Vista allows remote attackers to cause a denial of service (NULL dereference and persistent application crash) via a malformed ICS file.

7.8

CVE-2007-3038

  • EPSS 30.26%
  • Published 10.07.2007 22:30:00
  • Last modified 09.04.2025 00:30:58

The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Wi...

7.8

CVE-2007-3671

  • EPSS 28.17%
  • Published 10.07.2007 19:30:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the kernel in Microsoft Windows Vista has unspecified remote attack vectors and impact, as shown in the "0day IPO" presentation at SyScan'07.

7.2

CVE-2007-2229

  • EPSS 0.85%
  • Published 12.06.2007 19:30:00
  • Last modified 09.04.2025 00:30:58

Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permis...

7.1

CVE-2007-3091

  • EPSS 21.16%
  • Published 06.06.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions...

7.2

CVE-2007-1209

  • EPSS 2.08%
  • Published 10.04.2007 21:19:00
  • Last modified 09.04.2025 00:30:58

Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and clo...