Computer Security
[EN] securityvulns.ru
no-pyccku

  

Name:MICROSOFT : Windows 2000 Server

6!Microsoft Windows multiple applications DLL hijacking
updated since 26.08.2010
document If application is launched via file type association, current path is set to the path file is located, making it's possible to place DLLs application tries to load dynamically into same directory.
 Microsoft fixed SMB NTLM relay attacks
updated since 12.11.2008
document Microsoft fixed NTLM proxing vulnerability: credentials used for one services could be forwardedto different one. Attack is known for many years as NTLM weakness.
 Multiple browsers certificates validation weakness
document Wildmasks in certificates issued to IP address are enabled.
6!Microsoft IIS authentication bypass
document It's possible to access restricted directory by using request like “http://victim.com/SecretFolder:$I30:$Index_Allocation/
6!Microsoft Windows win32k privilege escalation
updated since 08.06.2010
document Multiple memory corruptions.
7!Code execution with multiple ActiveX components in Microsoft Windows
updated since 08.06.2010
   
6!Microsoft .Net XML signing protection bypass
document Only part of signature is compared in case of incomplete HMAC.
6!Microsoft Windows OpenType Compact Font Format driver memory corruption
document Memory corruption on IOCTL processing.
7!Microsoft Windows media files parsing memroy corruption
document Memory corruption on JPEG / MJPEG parsing.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Crossite scripting, information leakage, multiple memory corruptions.
 Multiple browsers DoS
updated since 20.05.2010
document Mail program compose message window is created for avery frame with mailto:, news:, nntp:, etc URI.
 Microsoft Windows Mail / Outlook Express integer overflow
document Integer overflow on POP3 or IMAP server reply parsing.
6!Microsoft Wndows / Microsoft Exchange SMTP Service DoS
updated since 16.04.2010
document Crash on DNS server response parsing, information leak.
 Microsoft Internet Explorer, Google Chrome, Opera and Mozilla Firefox DoS
document Large buffer within <marquee> tag causes browser to crash.
 Microsoft Windows DoS
document SfnLOGONNOTIFY and SfnINSTRING functions DoS.
7!Microsoft Windows MP3 codec buffer overflow
document Buffer overflow on AVI files with MP3 audio stream.
7!Microsoft SMB client multiple security vulnerabilities
updated since 10.02.2010
document Memory corruptions, race conditions.
 Microsoft VBS code execution
document If F1 is pressed in dialog window, help file controlled by attacker
6!Microsoft Windows kernel multiple privilege escalations
document Multiple DoS conditions, race conditions, memory corruptions.
8!Microsoft Windows file signature spoofing
document Signature spoofing in PE and CAB files.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 31.03.2010
document Multiple security vulnerability are used in-the-wild for hiddden malware installation.
7!Microsoft Windows code execution
updated since 10.02.2010
document URL code injection.
 Microsoft Windows Kerberos DoS
document NULL pointer dereference on TGT renewal request processing.
6!Microsoft DirectShow buffer overflow
document Buffer overflow on AVI parsing.
7!Microsoft Windows SMB server multiple security vulnerabilities
document Memory corruptions, buffer overflow, DoS conditions, cryptography weakness.
6!Microsoft Windows Client/Server Run-time Subsystem
document Invalid process termination on user's logout.
7!Microsoft Data Analyzer ActiveX Control memory corruption
   
6!Microsoft Windows kernel privilege escalation
document Double free() vulnerability, exception handler vulnerability.
 Microsoft Paint integer overflow
document Integer overflow on JPEG parsing.
8!Microsoft Internet Explorer information leak
document It's possible to retrieve any file from client computer via URLMON and Dynamic OBJECT tag.
8!Microsoft Internet Explorer Multiple security vulnerabilities
updated since 19.01.2010
document 0-day use-after-free vulnerability on createEventObject processing: <body onload="for(var i=0; i!=10000; i++) ev.srcElement"> <img src=. onerror="ev=createEventObject(event); outerHTML++">, Multiple memory corruptions.
8!Microsoft Windows Embedded OpenType (EOT) Fonts multiple security vulnerabilities
updated since 14.07.2009
document Integer overflows, heap buffer overflows.
6!Microsoft IIS protection bypass
document It's possible to bypass 3rd party upload protection by file extension, because part of filename after semicolon is ingored then detecting file type. E.g. script.asp;.jpg is treated by web server as ASP file.
6!Microsoft Wordpad / Office Text Converters memory corruption
updated since 09.12.2009
document Memory corruption on Office 97 documents parsing.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 09.12.2009
document Multiple memory corruptions, code execution.
8!Microsoft Windows Intel Indeo codecs multiple
updated since 09.12.2009
document Multiple vulnerabilities on video files parsing.
7!Microsoft Windows DoS
document LSASS DoS on ISAKMP IPSec messages parsing.
7!Microsoft Internet Authentication Service multiple security vulnerabilities
document MS-CHAP authentication bypass, memory corruption.
9!Multiple TCP implementations different security vulnerabilities
updated since 09.09.2009
document Multiple security vulnerabilities in different operation sustems caused by resource exhaustions on maintaining TCP states table.
8!Microsoft Windows GDI code execution
document Memory corruption on EOT (Embedded Open Type) font parsing, privilege escalation, DoS.
6!Microsoft Windows 2000 License Logging Server buffer overflow
document Buffer overflow on RPC call parsing.
 Microsoft Active Directory DoS
document LSASS stack overflow (stack memory exhaustion).
 Microsoft Internet Explorer DoS
document Unremovable dialog with cycled setHomePage.
 Microsoft Windows Media Player information leak
document Windows Media Player plugin allows to detect local file existance.
6!Microsoft Windows kernel multiple security vulnerabilities
updated since 13.10.2009
document Integer overflow, NULL pointer dereference, exception handler vulnerability.
7!Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.10.2009
document Multiple memory corruptions.
6!Microsoft Windows Media Runtime multiple security vulnerabilities
updated since 13.10.2009
document Buffer overflows, memory corruptions.
8!Microsoft .Net multiple security vulnerabilities
document Multiple vulnerabilities allow escape from sandbox environment.
8!Microsoft GDI+ multiple security vulnerabilities
document Multiple vulnerabilities on WMF, PNG, TIFF, BMP parsing.
9!Microsoft Active Template Library (ATL) multiple security vulnerabilities
updated since 29.07.2009
document Memory corruptions, information leak, initialization problem, leading to killbit protection bypass.
8!Microsoft Windows IIS FTP server buffer overflow
updated since 31.08.2009
document Buffer overflow in NLST command. Same vulnerability may be used for stack overflow (stack memory exhaustion) without need fo write access.
6!Microsoft CryptoAPI certificate spoofing
document Certificate name spoofing with NULL byte.
7!Microsoft Windows Indexing Service ActiveX memory corruption
   
6!Microsoft Windows Media Player buffer overflow
document Buffer overflow on .ASF files parsing.
7!Microsoft DHTML ActiveX code execution
   
8!Microsoft Windows JavaScript engine memory corruption
document Memory corruption on "arguments" keyword parsing.
 DoS in multiple browsers
document Hang or crash on oversized location.hash
6!Microsoft Windows MSMQ (message queuing) privilege escalation
updated since 11.08.2009
document DoS conditions in the service lead to named channel spoofing possibility.
7!Microsoft RDP client multiple security vulnerabilities
updated since 11.08.2009
document Memory corruption in ActiveX control, memory corruption on server reply processing.
7!Microsoft WINS multiple security vulnerabilities
updated since 11.08.2009
document Integer overflow, heap buffer overflow.
8!Microsoft Windows media files processing memory corruption
document Memory corruptions and integer overflows on AVI processing.
 Microsoft telnet NTLM relaying
document NTLM relaying attack against telnet client authentication is possible.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 29.07.2009
document Multiple memory corruptions, workaround for ATL vulnerability added.
 Multiple browsers DoS
updated since 16.07.2009
document select() method doesn't limie the number of selected elements, leading to resources exhaustion.
 Multiple browsers DoS
document Crash or resources exhaustion on oversized unicode string operations via Javascript.
7!Microsoft DirectShow multiple security vulnerabilities
document Multiple DoS conditions and memory corruptions on Apple QuickTime formats processing.
 Mozilla Firefox / Microsoft Internet Explorer / Opera /Google Chrome DoS
updated since 26.05.2009
document Hang on circle with large radius value in SVG tags. Hang and memory leak on reload with keygen tag.
7!Microsoft Active Directory multiple security vulnerabilities
updated since 09.06.2009
document Double free() vulnerability, memory leaks.
8!Windows print spooler multiple security vulnerabilities
updated since 10.06.2009
document Buffer overflow, unauthorized files access, privilege escalation with dynamic library loading.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 09.06.2009
document Crossite data access, multiple memory corruptions.
6!Microsoft Wordpad / Microsoft Works multiple security vulnerabilities
updated since 14.04.2009
document Buffer overflows and memory corruptions on different file formats conversions.
6!Microsoft Windows kernel multiple privilege escalation
document Multiple vulnerabilities in different subsystems.
6!Microsoft IIS WevDAV authentication bypass
document It's possible to access resources? requireing authentication anonymously.
 Browsers and search systems URL spoofing
updated since 27.04.2009
document By using %xx in host name it's possible to spoof URL origin.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.04.2009
document Code exexuction, multiple memory corruptions, NTLM relaying.
6!Microsoft Windows WinHTTP servive multiple security vulnerabilities
document Integer overflow, certificate spoofing, NTLM relaying.
6!Microsoft Windows privilege escalation
document Privilege escalation with MSDTC, WMI, RPCSS, Windows Thread Pool services.
7!Microsoft DirectShow memory corruption
document Memory corruption on Motion JPEG files decompression.
 Microsoft Windows DNS and WINS special records spoofing
document It's possible to spoof WPAD and ISATAP records.
10!Microsoft Windows kernel multiple security vulnerabilities
document Multiple security vulnerabilities allow code execution via EMF/WMF files.
 Multiple browsers inherited charset crossite scripting
updated since 25.02.2007
document If [age with undefined charset is displayed in frame, codepage of parent page is used. It makes it possible to conduct crossite scripting attack with e.g. UTF-7, EUC-JP (SHIFT_JIS) charset.
 Google Chrome, Mozilla Firefox, Opera, Internet Explorer browsers DoS
updated since 30.09.2008
document Calling window.print() function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval.
6!Microsoft Internet Explorer multiple security vulnerabilities
document Few memory corruptions.
 Microsoft Windows fails to disable autorun
document None of documented methods to disable autorun does it completely. This way of distribution is actively used by malware. CERT advises to add next record into registry (@ means default value for key). [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] @="@SYS:DoesNotExist"
9!Microsoft Windows SMB multiple security vulnerabilities
updated since 13.01.2009
document Buffer overflows and DoS conditions.
 Microsoft Internet Explorer DoS
document Crash on recursive script creation with createElement().
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 10.12.2008
document Multiple memory corruptions.
9!Microsoft Windows Media Player buffer overflow
document Buffer overflow on WAV parsing
 Mozilla Firefox, Microsoft Internet Explorer, Opera and Google Chrome DoS
document Printing <irame> in endless loop from javascript causes resources exhaustion and leads to browser hang.
9!Microsoft Windows Media Player integer overflow
document Integer overflow on WAV parsing.
6!Microsoft Outlook Express / Outlook / Internet Explorer DoS
updated since 17.12.2008
document <dt><h1 style=width:1px><li></h1> in HTML part causes application to crash.
10!Microsoft Internet Explorer memory corruption
document Memory corruption leads to code execution. Vulnerability is used in-the-wild for hidden malware installation.
 Microsoft Windows Media Player multiple security vulnerabilities
document NTLM credentials leak and relaying.
8!Microsoft Windows GDI library multiple security vulnerabilities
document Buffer overflow and integer overflow on WMF parsing.
6!DoS against multiple e-mail applications and anti-viruses
document MIME messages with large recursion level may cause application to hang or crash.
 Microsoft Internet Explorer saved pages crossite scripting
updated since 21.08.2007
document Crossite scripting in context of local machine is possible on saving URL with address like http://site/--><script>alert("XSS")</script>
 Microsoft Windows LDAP users enumeration
document Different serverreply on invalid username and invalid password.
 Internet Explorer, Opera, Google Chrome, Mozilla browsers DoS
updated since 03.10.2008
document window.close() в цикле на событие OnLoad() приводит к зависанию браузера. Multiple resource exhaustion attacks with Javascript.
7!Microsoft XML multiple security vulnerabilities
document Memory corruption, crossite scripting, information leak.
10!Microsoft Windows code execution
updated since 24.10.2008
document It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER (LanmanServer) service, TCP/139, TCP/445. Reccomendation is to disable browser service.
 Microsoft Internet Explorer address bar spoofing
document There are few methods of address bar spoofing.
7!Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.10.2008
document Memory corruptions, information hijack, crossite scripting.
8!Microsoft Windows SMB buffer overflow
document Buffer overflow on SMB protocol parsing.
 Microsoft Windows 2000 Message Queuing code execution
document Code execution via RPC-based service.
 Microsoft Windows Internet Printing Service integer overflow
document Integer overflow after authentication.
 Microsoft Windows kernel multiple security vulnerabilities
document Double free() vulnerability and memory corruptions.
6!Microsoft Windows 2000 Active Directory buffer overflow
document Buffer overflow on LDAP request processing.
 Windows kernel integer overflow
document Integer overflow in IopfCompleteRequest function.
 Internet Information Server and IAS ActiveX unauthorized access and DoS
document ActiveX allows privileged actions to be silently executed.
 Microsoft Internet Explorer DoS
document Browser hangs on malcrafted PNG image.
 Mozilla Firefox / Opera / Microsoft Internet Explorer browsers DoS
document window.sidebar.addPanel() in the loop causes browser to hang.
6!Microsoft Outlook Express / Microsoft Outlook DoS
updated since 20.09.2008
document Crash on <style>*{position:relative}</style> <table>DoS</table> in HTML content.
 Microsoft Windows DoS
document Uninitialized memory reference on WRITE_ANDX SMB request handling.
7!Microsoft Windows Media Encoder ActiveX code execution
document Control supports unsafe methods.
8!Microsoft Windows GDI library multiple security vulnerabilities
document Multiple vulnerabilities on different graphics format parsing.
7!Microsoft .Net framework multiple security vulnerabilities
updated since 10.07.2007
document Buffer overflow on PE .Net format parsing, buffer overflow in KIT compiler, remote information leak in ASP.NET with poisoned NULL byte.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.08.2008
document Multiple memory corruptions, MHTML crossite scripting.
7!Microsoft Windows color management system memory corruption
updated since 12.08.2008
document Memory corruption on ICCM management.
6!Microsoft Windows privilege escalation
document Invalid event handling allows code execution in system context.
6!Microsoft Windows DNS server and DNS client DNS reply spoofing
updated since 14.11.2007
document Weak pseudo-random generator is used to generate DNS request ID.
 Microsoft Active Directory DoS
document Uninitialized memory reference on LDAP processing.
 Microsoft Windows WINS privilege escalation
document Memory corruption on packet parsing.
7!Microsoft DirectX code execution
document MJPEG format AVI and ASF files parsing vulnerability, SAMI files parsing vulnerability.
6!Microsoft Internet Explorer multiple security vulnerabilities
document Crossite scripting, information leak.
7!Microsoft Jet engine buffer overflow
document Buffer overflow on MDB files request handling.
6!Microsoft Internet Explorer memory corruption
updated since 08.04.2008
document Memory corruption on datasream processing.
8!Microsoft Windows multiple ActiveX elements security update
updated since 08.04.2008
document Code execution in hxvz.dll.
9!Microsoft Windows GDI multiple security vulnerabilities
updated since 08.04.2008
document Multiple buffer overflows on EMF and WMF files parsing.
6!Microsoft Windows privilege escalation
document Code execution in kernel context.
9!Microsoft Windows VBScript / JScript buffer overflow
document Buffer overflow on scripts parsing.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.02.2008
document Multiple memory corruptions.
6!Microsoft Internet Information Services privilege escalation
document Privilege escalation through file change notification. ASP files processing privilege escalation.
6!Microsoft Windows Active Directory DoS
document Crash on LDAP request handling.
7!Microsoft Windows OLE buffer overflow
document Heap buffer overflow
6!Microsoft Windows LSASS LPC requests privilege escalation
document It's possible to execute code with LocalSystem privileges.
10!Microsoft Windows TCP/IP stack multiple security vulnerabilities
document Memory corruption on IGMP/MLD processing, DoS on fragmented ICMP router discovery.
6!Microsoft Windows Vista / XP / 2000 audio drivers privilege escalation
document Ensoniq PCI 1371 WDM audio driver privilege escalation.
7!Microsoft Windows Message Queuing buffer overflow
updated since 12.12.2007
document Buffer overflow in RPC interface (TCP/2103).
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.12.2007
document Multiple memory corruptions.
8!Microsoft Windows DirectX multiple security vulnerabilities
updated since 12.12.2007
document Synchronized Accessible Media Interchange (SAMI), WAV and AVI.
6!3ivx MP4 codec buffer overflow
document Buffer overflow on MP4 tags parsing.
 Microsoft Jet Engine MDB files parsing buffer overflow
document Buffer overflow on MDB file access.
 Microsoft Internet Explorer executable files download filter protection bypass
document It's possible to upload file to temporary internet files folder by adding GET parameters to filename, e.g. http://example.com/program.exe?1.cda/
6!Microsoft Windows RPC DoS
updated since 10.10.2007
document Denial of Service during authentication in RPC-based services.
6!Microsoft Internet Explorer multiple security vulnerabilities
document Memory corruption, address bar spoofing.
 Kodak Image Viewer memory corruption
document Memory corruption on image files parsing.
8!Microsoft Outlook Express / Windows Mail NNTP buffer overflow
document Heap memory overflow on NNTP server reply parsing.
6!Microsoft Agent ActiveX buffer overflow
updated since 11.09.2007
document Buffer overflow on oversized URL.
9!Microsoft Windows XML core services memory corruption
updated since 14.08.2007
document Memory corruption on XML parsing.
10!Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2007
document Memory corruption on ActiveX parsing, unsafe Visual Basic ActiveX execution, Visual Basic ActiveX memory corruption.
10!Microsoft Windows VML parsing buffer overflow
document Heap buffer overflow on compressed VML content.
6!Microsoft Windows Media Player multiple security vulnerabilities
document Multiple vulnerabilities on skin files parsing.
6!Microsoft Windows OLE Automation memory corruption
updated since 14.08.2007
document Memory corruption on embedded objects processing.
10!Microsoft Windows GDI code execution
updated since 14.08.2007
document Heap buffer overflow on Windows metafiles parsing.
 Microsoft DirectX buffer overflow
document Buffer overflow on compressed TGA images parsing.
6!Microsoft Internet Explorer 0-day vulnerability
updated since 10.07.2007
document Unfiltered shell characters on executed URL: protocol application handler.
7!Microsoft Windows Active Directory array overflow
updated since 10.07.2007
document Array index overflow on LDAP request parsing.
 Microsoft Internet Explorer DoS
document Browser DoS on the page in domain with special characters.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.06.2007
document Multiple memory corruptions, content spoofing.
6!Microsoft Windows Secure Channle DoS
updated since 12.06.2007
document Service hangs on SSL/TLS handshake parsing.
9!Microsoft Windows APi code execution
document Insufficient validation of function arguments.
 Microsoft Windows GDI+ library DoS
updated since 11.06.2007
document Division by zero on .ICO files parsing.
 Microsoft Html Popup / Outlook Express Address Book ActiveX DoS
document Crash on element displaying.
7!Microsoft Internet Explorer and Mozilla Firefox multiple security vulnerabilities
document Internet Explorer race conditions allow cross domain access. Mozilla Firefox IFRAME cross domain access. Mozilla file download dialogs delay protection bypass. MSIE address bar spoofing.
 Microsoft Windows Active Directory users account enumeration
document It's possible to enumerate accounts with Logon Hours limitation set.
 Microsoft IIS unauthorized files access
document It's possible to bypass authentication with null.htw template.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 08.05.2007
document Multiple memory corruption on COM objects and HTML parsing, files rewrite.
8!Microsoft Windows DNS Server 0-day buffer overflow
updated since 13.04.2007
document Buffer overflow in RPC-based interface is used for remote system compromisation.
 Microsoft Windows Virtual DOS machine privilege escalation
document Race conditions allow to overwrite VDM memory zero page.
7!Microsoft Windows memory corruption
updated since 16.12.2006
document CSRSS memory corruption on MessageBox with MB_SERVICE_NOTIFICATION beginning with "\??\".
7!Microsoft Agent ActiveX memory corruption
document Buffer overflow on URL parsing.
10!Microsoft Windows animated cursors buffer overflow
updated since 30.03.2007
document Stack buffer overflow (stack overrun) is actively used for hidden malware installation.
9!Microsoft Windows multiple GDI vulnerabilities
   
7!Microsoft Data Access Components code execution
updated since 13.02.2007
document ADODB.Connection NextRecordset() / Execute() double free() vulnerability. Can be used for hidden malware installation.
 Microsoft Internet Explorer DoS
document Memory exhaustion with appendChild method.
7!Microsoft MFC memory corruption
updated since 13.02.2007
document Memory corruption on RTF files parsing. Can be used for hidden malware installation.
 Microsoft Windows mmioRead () multimedia function integer overflow
document Integer overflow on negative parameter values.
 Microsoft Windows OLE files DoS
document Crash on OLE file (.DOC) preview.
6!Microsoft Windows files and folders management problems
updated since 07.03.2007
document During file operations conditions exist for attacker to gain access to content of protected or locked files. It's also possible to create unmanageble file.
 Multiple browsers information leaks
document Server can find pages visited by user by using, e.g., different background pages for "visited" elements.
6!Multiple browsers OnUnload event handler different vulnerabilities
updated since 23.02.2007
document Different memory corruptions because of race conditions in OnUnload handler. In addition address bar spoofing and creation of pages can not be left is possible.
6!Mozilla libnss multiple security vulnerabilities
updated since 25.02.2007
document Buffer overflows and integer overflows in SSL2 client and server code implementation.
6!Microsoft Windows ReadDirectoryChangesW information leak
document ReadDirectoryChangesW() API function doesn't check user's privileges for subtree folders, making it's possible for unprivileged user to gather information about sensitive files.
 Microsoft Step-by-Step Interactive Training buffer overflow
updated since 13.02.2007
document Buffer overflow on bokmarks files handling (.cbl, .cbm, .cbo).
7!Microsoft Internet Explorer multiple security vulnerabilities
document Memory corruptions on COM objects instantiation and FTP server response parsing can be used for hidden malware installation.
7!Microsoft Windows RiсhEdit control memory corruption
document Memory corruption in RF-enbedded OLE object can be used for hidden malware installation.
7!Microsoft Windows OLE dialog memory corruption
document Memory corruption on RTF-embedded OLE object. Can be used for hideen malware installation.
7!Microsoft Windows HTML Help ActiveX code execution
document It's possible to access unsafe functions from web page. Vulnerability can be used for hidden malware installation.
6!Microsoft Windows Image Acquisition Service buffer overflow
   
 Microsoft Internet Explorer / Mozilla Firefox user input hijacking
document It's possible to hijack input focus by using OnKeyDown / OnKeyPress events.
 Microsoft Internet Explorer multiple ActiveX different paramters DoS
document NULL pointer dereference.
7!Microsoft Agent memory corruption
updated since 14.11.2006
document Memory corruption on parsing .ACF files.
 Microsoft Windows WMF invalid pointer dereference
document Invalid pointer dereference in GDI on CreateBrushIndirect function.
8!Microsoft VML buffer overflow
document Buffer overflow and integer overflows on Vector Markup Language parsing. May be used for hidden malware installation.
6!Multiple browsers race conditions
updated since 18.08.2006
document There are different race condition with threading synchronization on different concurrent events.
 Microsoft Windows Client for Microsoft Network DoS
document Argument of NetrWkstaUserEnum() memory is not checked and used to allocate memory, creating condition for memory exhaustion.
6!Multiple browsers DNS pinning protection bypass
document By emulatin Web server failure it's possible to bypass DNS pinning protection (protection against changing IP address resolution by DNS name for crossite access)
7!Microsoft Internet Explorer / Outlook Express multiple security vulnerabilities
updated since 12.12.2006
document Memory corruption on Javascript errors processing and Javascript normalize() function. Temporary Internet Files crossite access. Buffer overflow on Windows Address Book (WAB) parsing.
6!Microsoft Windows SNMP service buffer overflow
   
7!Microsoft Windows Media Format Runtime buffer overflow
document Buffer oveflows on parsing ASF (.ASF, .WMV, .WMA) and ASX files.
6!Microsoft RIS Server weak permissions
document It's possible to write files via TFTP.
 Microsoft Windows spoolss DoS
document Memory exhaustion in GetPrinterData() function.
7!Microsoft Windows Workstation service buffer overflow
updated since 14.11.2006
document Buffer overflow in RPC based service.
 Microsoft Windows Client Service for Netware multiple vulnerabilities
updated since 14.11.2006
document Memory corruption, DoS.
9!Microsoft Windows daxctle.ocx and HTML parsing buffer overflows
updated since 13.09.2006
document DirectAnimation.PathControl ActiveX control KeyFrame method heap overflow. Buffer overflow in CSS Floatproperty. May be used for hidden malware installation.
9!Microsoft Windows XMLHTTP ActiveX code execution
updated since 05.11.2006
document ActiveX vulenrability is used for silent malware installation.
6!Windows kernel GDI structures privilege escalation
document It's possible to remap read-only share memory section in write mode.
6!Microsoft Windows Object Packager dialog spoofing
updated since 11.10.2006
document Code execution with .RTF or .WRI file embedded object.
7!Microsoft Windows Server service multiple security vulnerabilities
document Denial of service and code execution vulnerabilities.
7!Microsoft Windows drmstor.dll buffer overflow
document Buffer overflow in ActiveX element.
7!Multiple Microsoft XML service security vulnerabilities
document Crossdomain data access, buffer overflow.
 Microsoft Indexing Service crossite scripting
updated since 12.09.2006
document Crossite scripting with UTF-7 characters in URL is possible.
10!Microsoft Windows / Internet Explorer 0-day vulnerability
updated since 20.09.2006
document Microsoft Vector Graphics Rendering Library vulnerability is used for hidden malware installation.
8!Multiple Windows kernel security vulnerabilities
updated since 09.08.2006
document Buffer overflow vulnerability allows privilege escalation, WinLogon user profile DLL privilege escalation, unhandled exception code execution vulnerability.
9!Multiple Microsoft Internet Explorer security vulnerabilities
updated since 08.08.2006
document Crossite scripting, crossite information access, FTP commands injection. Vulnerabilities can be used for hidden malware installation.
7!Microsoft Windows DHCP client buffer overflow
updated since 11.07.2006
document Buffer overflow on DHCP server response parsing.
8!Multiple Microsoft Windows Server service security vulnerabilities
updated since 11.07.2006
document Kernel mode heap overflow on mailslots processing. Information leak from SMB buffers.
7!Microsoft Windows crossite MMC access
updated since 08.08.2006
document Script from Internet/Intranet zone site can access any Microsoft Management Console's object.
9!Microsoft Windows DNS client buffer overflows
updated since 08.08.2006
document Buffer overflows in Winsock API and DNS client code.
7!Multiple Microsoft Internet Explorer and Windows security vulnerabilities
updated since 28.06.2006
document Cross-domain page content access, MSHTA code execution.
6!Microsoft Windows GDI32 library integer overflow
document CreateBrushInderect integer overflow on WMF files parsing.
6!Microsoft Internet Information services buffer overflow
updated since 11.07.2006
document Buffer overflow in ASP files processing leads to privilege escalation.
6!Microsoft Windows SMB/CIFS privilege escalation
updated since 13.06.2006
document MRxSmbCscIoctlOpenForCopyChunk buffer overflow. In additions, there are DoS vulnerabilities not covered by MS06-30.
9!Microsoft Windows RRAS Service buffer overflow
updated since 13.06.2006
document Buffer overflows in service RPC interface. May be used by network worm.
 Microsoft Windows 2000 RPC spoofed server attack
document Mutual authentication is not actually performed.
9!Windows ICMP DoS (potential code execution)
updated since 09.02.2006
document Buffer overflow on ICMP packets with Loose Source and Record Route IP options. Short message translation: There are DoS conditions in Windows 2000 built-in NAT server. Tested configuration: Windows 2000 English Standard/Advanced Service Pack 4 + Update Rollup 1 for Service Pack 4 with NAT server enabled. While routing packets with options "Loose Source and Record Route" defined by RFC 791 through server, Windows crashes to BSOD with error in tcpip.sys or ntoskrnl.exe, or system hangs or system began instable work. It doesn't metter if packets are from internal or external networks. Use attached script to test vulnerability. On Windows 2003 problem doesn't present. It's also likely same problem to present in Windows 2000 + ISA 2000. Code execution is potentially possible.
8!Microsoft JScript (Internet Explorer) memory corruption
document Memory corruption on objects release. May be used for hidden malware installation.
 Windows limited service account privilege escalation
document By using security tokens located in process memory it's possible to escalate privileges from limited service account, such as Network Service or Microsoft SQL Service account.
 Microsoft Distributed Transaction Coordinator DoS
updated since 09.05.2006
document Two different buffer overflows causing service to crash.
8!Microsoft Windows shell code execution
updated since 11.04.2006
document COM object can execute code. Can be used for hidden malware installation with Internet Explorer.
6!Microsoft Outlook Express buffer overflow
updated since 11.04.2006
document Buffer overflow on parsing WAB address book.
8!Microsoft Windows MDAC code execution
updated since 11.04.2006
document RDS.Dataspace ActiveX object is marked as safe. Can be used for hidden malware installation with Internet Explorer.
8!Multiple Microsoft Windows Media Player vulnerabilities
updated since 15.02.2006
document Buffer overflow on BMP files playing. Buffer overflow on oversized SRC for HTML page with EMBED'ded WMP. May be used for client machine trojaning.
6!Internet Explorer for Windows 2000 WMF files memory corruption
document Memory corruption on Windows MetaFiles parsing.
 Microsoft Windows MS-DOS applications uninitilized memory access information leak
document Memory is not initialized then allocated for MS-DOS virtual machine. It allows to read data from physical memory.
8!Microsoft Windows embedded web fonts memory corruption
updated since 10.01.2006
document Memory corruption on parsing web fonts embedded to HTML page. May be used to install trojans, backdoors or another malware to client computer.
 Microsoft Windows RunAs GPO restrictions protection bypass
document It's possible to use RunAs with restricted application.
7!Microsoft Windows 2000 kernel Asynchronous Procedure Call privilege escalation
document Double removal of structure from linked list allows memory manipulation.
7!Microsoft Windows Plug and Play Service UMPNPMGR buffer overflow
updated since 12.10.2005
document Buffer overflow on PNP_GetDeviceList and PNP_GetDeviceListSize calls for anonymous user on Windows 2000 and authenticated user on Windows 2003 / XP. There is another one similar vulnerability, leading to memory leak with DoS conditions.
8!Microsoft Windows WMF / EMF buffer overflow
document Multiple buffer overflows in GDI on WMF and WMF windows metafile formats.
 Multiple Microsoft Distributed Transaction Controller DoS conditions
updated since 12.10.2005
document Problems with TIP protocols handling, bounce attack is possible.
7!Microsoft Distributed Transaction Coordinator service memory corruption
updated since 12.10.2005
document Memory corruption as a result of integer overflow with anonymous remote access (Windows 2000) and authenticated access under Windows XP/2003.
7!Microsoft Windows Microsoft Collaboration Data Objects buffer overflow
updated since 12.10.2005
document Buffer overflow on parsing mail messages with Microsoft SMTP service.
6!Microsoft Windows Network Connection Manager service buffer overflow
document Buffer overflow in RPC service.
6!Microsoft Windows Client Service for NetWare buffer overflow
document Buffer overflow in network file srevice.
6!Microsoft Windows Shell multiple vulnerabilities
document Problems with .lnk files processing, HTML files preview.
 Microsoft Windows keyboard events design flow
document Application with diferent user's credentials may send keyboard events to applications running in the same desktop emulating user input.
6!ICMP and TCP timestamp attacks to reset TCP connections
updated since 13.04.2005
document By using different ICMP packet types and TCP timestamps values it's possible to cause TCP connection resets or performance decrease.
6!Microsoft Windows Plug and Play service buffer overflow
updated since 09.08.2005
document Stack overflow on named pipes request processig.
6!Microsoft Windows RDP protocol DoS
updated since 09.08.2005
document Bug in RDP protocol parsing causes system to crash and restart.
6!Microsoft Windows Telephony service privilege escalation
   
6!Microsoft Windows print Spooler service buffer overflow
document Buffer overflow on named pipes request processing.
6!Multiple Microsoft Windows Kerberos service vulnerabilities
document DoS on protocol parsing. Ability so spoof server on smart card authentication.
 Microsoft Windows USB drivers buffer overflow
document Buffer overflow on USB device response parsing.
9!Microsoft Windows Color Management module buffer overflow
updated since 13.07.2005
document Buffer overflow during ICC tags processing in different graphics formats, including JPEG.
 Windows XP / 2000 / 2003 / NT named pipes usernames information leak
updated since 09.02.2005
document It's possible to retrieve usernames of the users accessing network resources.
7!Microsoft Message Queuing buffer overflow
updated since 13.04.2005
document Buffer overflow in RPC-based protocol.
 Microsoft Agent content spoofing
document Microsoft Agent ActiveX allows to spoof trusted site content.
8!Microsoft Internet Explorer PNG images buffer overflow
document Heap overflow on large specific PNG chunk.
8!Microsoft Windows HTML Help files parsing buffer overflow
document Heap overflow on HTML help (.chm) files structure parsing.
8!Microsoft Windows SMB file system client buffer overflow
updated since 09.02.2005
document Buffer overflow on nework protocol parsing.
 Microsoft Windows Explorer code execution
document It's possible to execute script automatically on file selection.
7!Windows 2000/XP/2003 kernel multiple vulnerabilities
document Buffer overflow during font files parsing, buffer overflow in CSRSS (Win32 execution subsystem), privilege escalation.
6!Microsoft Windows MSHTA code execution
document Content type of the file is determined based on CLSID in file content, not by it's extention.
9!Microsoft Windows TCP/IP stack multiple vulnerabilities
document Memory corruption on IP packets handling, TCP connection reset with spoofed TCP and ICMP packets, a varinat of LAND attack.
10!Windows multiple bugs
updated since 14.04.2004
document LSASSS buffer overflow, LDAP DoS, PCT buffer overflow, WinLogon buffer overflow, WMF/EMF parsing buffer overflow, HCP:// code execution, Utility Manager privilege escalation, WMI privilege escalation, LDT privilege escalation, H.323 buffer overflow, NTVDM privilege escalation, ASM.1 double free memory coruuption.
 Microsoft Windows msjet database multipl vulnerabilities
document Microsoft Windows msjet databases multiple vulnerabilities.
 Windows 2000 GetEnhMetaFilePaletteEntries() API DoS
document Application may crash on malcrafted EMF file processing.
7!Windows License Logging Service buffer overflow
updated since 09.02.2005
document Buffer overflow during request parsing.
7!Microsoft Windows COM/OLE multiple bugs
document Privilege escalation during parsing files with COM structure (e.g. MS Office), buffer overflow on OLE objects, including MS Exchange MS-TNEF data format.
7!Microsoft Windows Drag-and-Drop vulnerability
document It's possible to trick user to drag-n-drop malicious file into special (for example autostart) folder.
7!Microsoft Windows Hyperlink Object Library buffer overflow
   
7!Microsoft Windows NetDDE buffer overflow
updated since 13.10.2004
   
8!Microsoft Windows .ANI (animated cursor) files buffer overflow
document USER32.DLL buffer overflow allows code to be executed. This vulnerability can potentially be used for silent spyware/adware installation.
8!Multiple Microsoft Windows bugs
updated since 15.12.2004
document Kernel buffer overflow LSASS privilege escalation.
 Microsoft HTML parser DoS
document Invalid javascript handling causes application compiled with libarary fails.
 Windows ANI files DoS
document Installing ANI file with incorrect parameters causes syste, to freeze or crash.
6!Windows LoadImage integer overflow
document Integer overflow on bitmap size calculation.
 HyperTerminal buffer overflow
document Buffer overflow on .ht files parsing.
6!Microsoft WordPad buffer overflow
document Buffer overflow during Word 95/6.0 documents conversion.
6!Microsoft WINS server memory corruption
updated since 29.11.2004
document Bug in replication protocol handling allows code execution.
8!Microsoft Windows multiple bugs
updated since 13.10.2004
document Windows management API privilege escalation with SetWindowLong()/SetWindowLongPtr() shatter attack, Virtual DOS Machine privilege escalation, EMF/WMF files code execution, DoS.
6!Windows Shell buffer overflow
   
8!Microsoft NNTP code execution
document Multiple bugs during XPAT command parsing.
8!Microsoft HTML Help buffer overflow
document Buffer overflow on CHM format parsing.
 Windows Shell file type spoofing
document By using class id in content-disposition it's possible ti spoof file type. Content-Disposition: attachment; filename=malware.{3050f4d8-98B5- 11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"
 Windows POSIX subsystem buffer overflow
document POSIX subsystem overflow allows privilege escalation.
6!Microsoft Windows Task Scheduler buffer overflow
document Buffer overflow during .job files parsing.
 Microsoft DirectPlay DoS
document Invalid network packets parsing.
 Explorer / Internet Explorer buffer overflow
document Buffer overflow on connection to network folder with oversized share name.
6!Microsoft Jet Database Engine buffer overflow
document Request to database can cause buffer overflow.
10!Windows NT/2000/XP/2003 RPC buffer overflow
updated since 17.07.2003
document Multiple buffer overflows during RPC request parsing via TCP/135 and another RPC ports.
10!Multiple Windows ASN.1 bugs
updated since 11.02.2004
document Heap corruptions, heap buffer overflows open possibilities for attack via different protocols and applications.
6!WINS buffer overflow
document Buffer overflow on network packet parsing.
 HTML help privilege escalation
updated since 24.10.2003
document HtmlHelp() call doesn't drop system privileges.
9!Lanman workstation buffer overflow
document Buffer overflow during service network messages processing.
7!Win32 'Shatter' attacks
updated since 22.08.2002
document Is priveleged application doesn't check system messages data it may be possible to execute code in application context by setting callback functions or excluding limits causing buffer overflws.
10!Windows Messenger service buffer overflow
updated since 16.10.2003
document Buffer overflow on message receiving.
7!Buffer Overflow in Tshoot.ocx Windows Troubleshooter ActiveX
updated since 16.10.2003
   
 Windows ListBox/ComboBox buffer overflow
document Buffer overflow in Windows components makes it possible to launch shatter attack.
8!Microsoft Windows Authenticode protection bypass
document There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog.
 Microsoft Windows NetBIOS information leak
document Uninitialized memory structure during reply to NetBIOS name request allows attacker to read few bytes from remote host's memory.
7!Windows DirectX MIDI integer overflow
updated since 24.07.2003
document Integer overflow during MIDI processing leads to heap corruption allowing code execution.
8!Windows 2000 RPC DoS and privilege escalation
updated since 22.07.2003
document Malformed DCOM __RemoteGetClassObject request causes RPC mapper service to crash. After RPC crashes, it's possible for local attacker to hijack epmapper pipe and impersonate local system.
6!Multiple SNMP problems
updated since 13.02.2002
document Multiple problems in different SNMP implementation can lead to DoS, remote code execution, etc.
7!Windows 2000 multiple bugs
updated since 08.07.2003
document Windows 2000 Internet Key Exchange Selects Incorrect Certificate, Update to Help Prevent Cross-Forest Certificate Enrollment, Update to Verify cbDestLength in the Imaadpcm Component, Zones Removed from the Registry When You Start the DNS Service, Account Replication Latency Causes Certificate Enrollment to Fail, Potential Denial of Service Vulnerability Exists in SAM, Call to USBH_IoctlGetNodeConnectionDriverKeyName May Return Uninitialized Data, Update to Use MAX_PATH Variable in Port Name Buffers, The MyGetSidFromDomain Function Calls DsGetDCName to Obtain the Domain Security ID, ModifyDN Request May Cause an Infinite Loop When the New Parent Is Specified by a Distinguished Name, User May Impersonate a Named Pipe Client in a Terminal Services Session and Gain Access to the System Account, CDP and AIA URLs Are Not Displayed in the Certification Authority Snap-in If the URL Contains "%%20" Characters, Update Helps to Prevent Two Client-Supplied Authorization Data Entries from Being Included in a Kerberos Ticket, Server Can Gain Access to Your Computer by Using an RPC Connection When You Download and Install Drivers in Internet Explorer, A Socket Handle Memory Leak Condition May Occur in Cryptnet.dll, Vulnerability in Terminal Services Licensing May Permit a Malicious User to Generate Additional Client Licenses in Terminal Services Licensing
6!Windows 2000 Active Directory buffer overflow
document Stack overflow on LDAP search request with more than 1000 "AND" statements.
6!Windows 2000 ShellExecute() buffer overflow
document Buffer overflow in 3rd argument.
 Microsoft Windows 2000 Network Monitor buffer overflow
document Buffer overflow on pasring SMB request to oversized filename.
7!Windows NTLM relaying attacks
updated since 14.09.2000
document Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request.
 regedit buffer overflow
document Buffer overflow on oversized key displaying.
7!Windows NT/2000/XP kernel buffer overflow
document Stack based overflow during debug message processing.
 Microsoft RPC DoS
document Malformed request to RPC Endpoint Mapper (TCP/135) may cause RPC services to crash.
7!Windows Script Engine integer overflow
document Integer overflow on array's sort() function.
 WIN32 PostMessage API information leak
document By using PostMessage(hwnd, EM_SETPASSWORDCHAR, 0, 0) it's possible to unmask password in dialog to copy it later via buffer. It alows to bypass WM_GETTEXT protection.
6!Windows Help buffer overflow
document Buffer overflow on :LNK processing in .CNT files.
 Microsoft Windows NT cmd.exe buffer overflow
document Buffer overflow (Windows NT) or batch failure (Windows 2000) on oversized paths.
7!Buffer overflow in Microsoft Windows NT/2000/XP Locator service
updated since 23.01.2003
document Buffer overflow during packet parsing on Domain Controllers.
 Group policy DoS in Windows NT/2000
updated since 05.12.2001
document By putting exclusive lock on group policy file it's possible to stop group policy from applying domainwide.
 Windows 2000 SMB signing protection bypass
updated since 14.12.2002
document During connectio nsetup it's possible to switch off SMB signing regardless of policy setting.
 Multiple Windows 2000 driver signing problems
document It's possible to spoof file with older one, problem in certificate chain validation.
 Windows 2000 system partition weak default permissions
updated since 03.08.2002
document Everyone/Full Control permission allows to change initiall boot files regardless of individual file permissions.
6!Windows 2000/XP PPTP buffer overflow
updated since 01.10.2002
document Malformed PPTP packets causes service to crash.
 Microsoft RPC null reference DoS
updated since 19.10.2002
document NULL pointer reference during processing of RPC packet (TCP/135)
7!Buffer overflow in Windows 2000/NT SMB protocol
updated since 23.08.2002
document Malcrafted SMB quiery into port 139/445 causes server to crash.
8!Windows 2000 Network Connection Manager privelege escalation
document Callback function is called with system priveleges.
 Buffer overflow in Windows HELP
document Buffer overflow during ActiveX companent invocation.
 DoS against Windows and other systems
updated since 20.05.2000
document A number of fragmented packet cause host to freeze during the attack.
6!Microsoft RAS Phonebook buffer overflow
updated since 05.12.2000
document Buffer overflow.
8!Debploit: Microsoft Windows NT/2000 debug API privelege escalation
updated since 15.03.2002
document By connection to PLC port DbgSsApiPOrt it's possible to obtain handler for any process or thread for debugging.
 Microsoft Windows 2000 Active Directory LDAP DoS
document Malformed LDAP-request causes Active Directory to hang.
6!Windows 2000 Directory Service DoS
document Flood to TCP/445 (microsoft-ds) port causes server to hang.
6!Buffer overflow in Windows NT/2000/XP
updated since 04.04.2002
document Buffer overflow on long request to MUP (Multiple UNC Provider)
 DCOM information leakage
document Some RPC request may contain data from uninitialized memory.
 DoS против SMTP в Exchange
updated since 28.02.2002
   
 Релеинг через MS Exchange (Mail Relaying)
updated since 28.02.2002
   
 Подключение под чужим SID между доменами Windows 2000 (privelege escalation)
updated since 31.01.2002
   
6!Переполнение буфера в telnet сервере Microsoft (buffer overflow)
   
 DoS против Windows 2000/NT (stream3 flood)
updated since 10.01.2001
   
 DoS против Windows 2000 при исопльзовании IPSec (IKE flood)
   
6!RADIUS protocol and implementation weakness
updated since 13.11.2001
document There are few cryptographic problems allow to analize sniffed traffic. There is a possibility of request spoofing. Some implementation problems allow to DoS server or to elevate priveges.
7!Проблемы со службой RunAs в Windows 2000 (privelege escalation)
   
 Локальный DoS в Windows NT/2000
   
 DoS против Windows NT/2000 через Terminal Service (Invalid RDP Data, memory leak)
updated since 01.02.2001
   
 Новая DoS атака - simultation close
updated since 16.08.2001
   
 RPC DoS против MS Exchange/SQL/Windows NT/2000
updated since 27.07.2001
   
 Переполнение буфера в Windows 2000 IRDA Driver (buffer overflow)
   
 DoS против NNTP в Windows NT/2000
   
 Релеинг через SMTP-службу в Windows 2000 (message relaying)
   
 Неавторизованный доступ через SSL к LDAP в Windows 2000 (unauthorized access)
   
 Проблемы с telnet-сервисом Windows 2000 (predictable named pipes)
   
9!Проблема с отладочными регистрами в Windows 2000 (debug registers privelege elevation)
   
7!Дырки в Microsoft IndexServer (buffer overflow, file disclosure)
   
 DoS против Kerberos в Windows 2000 (memory leakage)
   
6!Дырка в Event Viewer из Windows 2000
   
 Потенциальная дырка в драйверах Windows NT/2000 (DbgPrint format string)
   
 DoS против контроллеров домена в Windows 2000
   
8!Дырка в Windows 2000 (Network DDE Agent privilege elevation)
updated since 06.02.2001
   
 Локальный DoS против Windows
   
 Дырка в Web Extender Client
   
 Дырка в мастере "Configure Your Server" Windows 2000
   
 UDP-шторм в Windows 2000 (Kerberos 5 UDP storm)
   
6!Проблемы в Windows 2000 (Domain Account Lockout)
   
6!Проблемы с одним из компонент ActiveX (Parameter Validation)
updated since 04.11.2000
   
 Дырки в Network Monitor Windows NT/2000
updated since 02.11.2000
   
6!Уязвимость в Microsoft/Hilgraeve Hyperterminal
   
7!Многочисленные дырки в LPC Windows 2000/NT
   
 Проблемы с подмонтированными дисками и клиентами Mac в Win2K
   
6!DoS Windows 2000 через RPC
   
 Локальная дырка в Windows 2000 - переполнение буфера в Still Image Service
   
 Серьезная проблема с реализацией NetBIOS (NetBT) в Windows
   
 DoS против Windows 2000 (повреждение файла локальной политики)
   
 Дырка в Windows 2000 COM Internet Services Proxy
   
6!Проблемы с HTT-фолдерами в Windows
updated since 15.08.2000
   
6!Уязвимость в services.exe Windows 2000
   
 Уязвимость в NT - относительнный путь к оболочке пользователя.
   
 DoS против Windows - конфликт имен NetBIOS
   
 DoS против telnet в Windows 2000
   
 Проблема с Desktop'ами в Windows 2000
   
 Некорректные разрешения на служебный ресурс для CDROM в Win2K
   
6!DoS против протокола SMB (Server) в WinNT/Win2K
   
 Проблема с Protected Storage в Win2K
   
 DoS против explorer под Win2K
   
 Проблемы со службой обзора (Browser)
   
 Слабость EFS в Windows 2000
   
 Переполнение буфера в CMD
updated since 21.04.2000
   
6!Проблема доступа к объектам Активной Директории
   
 Проблемы с правами на папки в Win2K при OEM-инсталяции
   
6!DoS-атака на сервис печати TCP/IP Windows NT
   
6!Еще одна уязвимость в MS Index Server
   
                    

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru