CVE-2009-0078
- EPSS 2.74%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:13
The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the...
CVE-2009-0079
- EPSS 4.06%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:13
The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account,...
- EPSS 14.15%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in ...
CVE-2009-0087
- EPSS 25.89%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to exe...
CVE-2009-0088
- EPSS 28.45%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via...
CVE-2009-0089
- EPSS 5.07%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a differe...
CVE-2009-0235
- EPSS 33.62%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:04:33
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corrupti...
CVE-2009-0550
- EPSS 11.75%
- Veröffentlicht 15.04.2009 08:00:00
- Zuletzt bearbeitet 16.06.2026 23:05:16
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on...
CVE-2009-0083
- EPSS 1.46%
- Veröffentlicht 10.03.2009 20:30:06
- Zuletzt bearbeitet 16.06.2026 23:04:13
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers use of a crafted pointer, aka "Windows Kernel Invali...
CVE-2009-0085
- EPSS 15.19%
- Veröffentlicht 10.03.2009 20:30:06
- Zuletzt bearbeitet 16.06.2026 23:04:14
The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's k...