- EPSS 26.63%
- Veröffentlicht 27.07.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:25
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
CVE-2003-0907
- EPSS 21.85%
- Veröffentlicht 01.06.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:10
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr...
CVE-2004-0119
- EPSS 39.62%
- Veröffentlicht 01.06.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:04:58
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenI...
- EPSS 8.16%
- Veröffentlicht 20.01.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:09
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authenticatio...
CVE-2003-0813
- EPSS 14.84%
- Veröffentlicht 17.11.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:02:52
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one th...