Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

CVE-2006-1313 (GCVE-0-2006-1313)

Vulnerability from nvd – Published: 2006-06-13 19:00 – Updated: 2024-08-07 17:03

Summary

Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://securitytracker.com/id?1016283	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2006/2321	vdb-entryx_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA06-164A.html	third-party-advisoryx_refsource_CERT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.kb.cert.org/vuls/id/390044	third-party-advisoryx_refsource_CERT-VN
	http://www.osvdb.org/26434	vdb-entryx_refsource_OSVDB
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securityfocus.com/bid/18359	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/20620	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:03:29.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1785",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785"
          },
          {
            "name": "oval:org.mitre.oval:def:1644",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644"
          },
          {
            "name": "1016283",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016283"
          },
          {
            "name": "ms-jscript-code-execution(26805)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805"
          },
          {
            "name": "ADV-2006-2321",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2321"
          },
          {
            "name": "TA06-164A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:1067",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067"
          },
          {
            "name": "VU#390044",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/390044"
          },
          {
            "name": "26434",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26434"
          },
          {
            "name": "MS06-023",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023"
          },
          {
            "name": "18359",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18359"
          },
          {
            "name": "oval:org.mitre.oval:def:2003",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003"
          },
          {
            "name": "20620",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20620"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will \"release objects early\" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1785",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785"
        },
        {
          "name": "oval:org.mitre.oval:def:1644",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644"
        },
        {
          "name": "1016283",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016283"
        },
        {
          "name": "ms-jscript-code-execution(26805)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805"
        },
        {
          "name": "ADV-2006-2321",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2321"
        },
        {
          "name": "TA06-164A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:1067",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067"
        },
        {
          "name": "VU#390044",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/390044"
        },
        {
          "name": "26434",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26434"
        },
        {
          "name": "MS06-023",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023"
        },
        {
          "name": "18359",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18359"
        },
        {
          "name": "oval:org.mitre.oval:def:2003",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003"
        },
        {
          "name": "20620",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20620"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-1313",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will \"release objects early\" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1785",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785"
            },
            {
              "name": "oval:org.mitre.oval:def:1644",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644"
            },
            {
              "name": "1016283",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016283"
            },
            {
              "name": "ms-jscript-code-execution(26805)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805"
            },
            {
              "name": "ADV-2006-2321",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2321"
            },
            {
              "name": "TA06-164A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:1067",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067"
            },
            {
              "name": "VU#390044",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/390044"
            },
            {
              "name": "26434",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26434"
            },
            {
              "name": "MS06-023",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023"
            },
            {
              "name": "18359",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18359"
            },
            {
              "name": "oval:org.mitre.oval:def:2003",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003"
            },
            {
              "name": "20620",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20620"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-1313",
    "datePublished": "2006-06-13T19:00:00",
    "dateReserved": "2006-03-20T00:00:00",
    "dateUpdated": "2024-08-07T17:03:29.012Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-2376 (GCVE-0-2006-2376)

Vulnerability from nvd – Published: 2006-06-13 18:00 – Updated: 2024-08-07 17:51

Summary

Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://securityreason.com/securityalert/1094	third-party-advisoryx_refsource_SREASON
	http://www.vupen.com/english/advisories/2006/2324	vdb-entryx_refsource_VUPEN
	http://www.osvdb.org/26431	vdb-entryx_refsource_OSVDB
	http://www.us-cert.gov/cas/techalerts/TA06-164A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/advisories/20631	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/436950/100…	mailing-listx_refsource_BUGTRAQ
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1016286	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/909508	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/bid/18322	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:51:03.738Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1094",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1094"
          },
          {
            "name": "ADV-2006-2324",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2324"
          },
          {
            "name": "26431",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26431"
          },
          {
            "name": "TA06-164A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
          },
          {
            "name": "20631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20631"
          },
          {
            "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded"
          },
          {
            "name": "MS06-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026"
          },
          {
            "name": "win-gre-wmf-code-execution(26815)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815"
          },
          {
            "name": "1016286",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016286"
          },
          {
            "name": "VU#909508",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/909508"
          },
          {
            "name": "18322",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18322"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1094",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1094"
        },
        {
          "name": "ADV-2006-2324",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2324"
        },
        {
          "name": "26431",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26431"
        },
        {
          "name": "TA06-164A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
        },
        {
          "name": "20631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20631"
        },
        {
          "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded"
        },
        {
          "name": "MS06-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026"
        },
        {
          "name": "win-gre-wmf-code-execution(26815)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815"
        },
        {
          "name": "1016286",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016286"
        },
        {
          "name": "VU#909508",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/909508"
        },
        {
          "name": "18322",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18322"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-2376",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1094",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1094"
            },
            {
              "name": "ADV-2006-2324",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2324"
            },
            {
              "name": "26431",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26431"
            },
            {
              "name": "TA06-164A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
            },
            {
              "name": "20631",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20631"
            },
            {
              "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded"
            },
            {
              "name": "MS06-026",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026"
            },
            {
              "name": "win-gre-wmf-code-execution(26815)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815"
            },
            {
              "name": "1016286",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016286"
            },
            {
              "name": "VU#909508",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/909508"
            },
            {
              "name": "18322",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18322"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-2376",
    "datePublished": "2006-06-13T18:00:00",
    "dateReserved": "2006-05-15T00:00:00",
    "dateUpdated": "2024-08-07T17:51:03.738Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0012 (GCVE-0-2006-0012)

Vulnerability from nvd – Published: 2006-04-12 00:00 – Updated: 2024-08-07 16:18

Summary

Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://www.securityfocus.com/bid/17464	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/19606	third-party-advisoryx_refsource_SECUNIA
	http://www.us-cert.gov/cas/techalerts/TA06-101A.html	third-party-advisoryx_refsource_CERT
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1015897	vdb-entryx_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.osvdb.org/24516	vdb-entryx_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.kb.cert.org/vuls/id/641460	third-party-advisoryx_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2006/1320	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.703Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17464",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17464"
          },
          {
            "name": "oval:org.mitre.oval:def:1743",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743"
          },
          {
            "name": "19606",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19606"
          },
          {
            "name": "TA06-101A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
          },
          {
            "name": "win-explorer-com-code-execution(25554)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554"
          },
          {
            "name": "1015897",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015897"
          },
          {
            "name": "MS06-015",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015"
          },
          {
            "name": "oval:org.mitre.oval:def:1191",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191"
          },
          {
            "name": "oval:org.mitre.oval:def:1764",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764"
          },
          {
            "name": "24516",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/24516"
          },
          {
            "name": "oval:org.mitre.oval:def:1448",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448"
          },
          {
            "name": "oval:org.mitre.oval:def:1679",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679"
          },
          {
            "name": "VU#641460",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/641460"
          },
          {
            "name": "ADV-2006-1320",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1320"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-04-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and \"crafted files and directories,\" aka the \"Windows Shell Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "17464",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17464"
        },
        {
          "name": "oval:org.mitre.oval:def:1743",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743"
        },
        {
          "name": "19606",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19606"
        },
        {
          "name": "TA06-101A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
        },
        {
          "name": "win-explorer-com-code-execution(25554)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554"
        },
        {
          "name": "1015897",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015897"
        },
        {
          "name": "MS06-015",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015"
        },
        {
          "name": "oval:org.mitre.oval:def:1191",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191"
        },
        {
          "name": "oval:org.mitre.oval:def:1764",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764"
        },
        {
          "name": "24516",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/24516"
        },
        {
          "name": "oval:org.mitre.oval:def:1448",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448"
        },
        {
          "name": "oval:org.mitre.oval:def:1679",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679"
        },
        {
          "name": "VU#641460",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/641460"
        },
        {
          "name": "ADV-2006-1320",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1320"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0012",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and \"crafted files and directories,\" aka the \"Windows Shell Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17464",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17464"
            },
            {
              "name": "oval:org.mitre.oval:def:1743",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743"
            },
            {
              "name": "19606",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19606"
            },
            {
              "name": "TA06-101A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
            },
            {
              "name": "win-explorer-com-code-execution(25554)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554"
            },
            {
              "name": "1015897",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015897"
            },
            {
              "name": "MS06-015",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015"
            },
            {
              "name": "oval:org.mitre.oval:def:1191",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191"
            },
            {
              "name": "oval:org.mitre.oval:def:1764",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764"
            },
            {
              "name": "24516",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/24516"
            },
            {
              "name": "oval:org.mitre.oval:def:1448",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448"
            },
            {
              "name": "oval:org.mitre.oval:def:1679",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679"
            },
            {
              "name": "VU#641460",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/641460"
            },
            {
              "name": "ADV-2006-1320",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1320"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0012",
    "datePublished": "2006-04-12T00:00:00",
    "dateReserved": "2005-11-09T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.703Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0006 (GCVE-0-2006-0006)

Vulnerability from nvd – Published: 2006-02-14 22:00 – Updated: 2024-08-07 16:18

Summary

Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.vupen.com/english/advisories/2006/0574	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/424983/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/16633	vdb-entryx_refsource_BID
	http://securityreason.com/securityalert/423	third-party-advisoryx_refsource_SREASON
	http://www.us-cert.gov/cas/techalerts/TA06-045A.html	third-party-advisoryx_refsource_CERT
	http://securitytracker.com/id?1015627	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/291396	third-party-advisoryx_refsource_CERT-VN
	http://www.eeye.com/html/research/advisories/AD20…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/425158/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://secunia.com/advisories/18835	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.729Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1256",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256"
          },
          {
            "name": "oval:org.mitre.oval:def:1578",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578"
          },
          {
            "name": "ADV-2006-0574",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0574"
          },
          {
            "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded"
          },
          {
            "name": "16633",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16633"
          },
          {
            "name": "423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/423"
          },
          {
            "name": "TA06-045A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
          },
          {
            "name": "1015627",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015627"
          },
          {
            "name": "VU#291396",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/291396"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/research/advisories/AD20060214.html"
          },
          {
            "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded"
          },
          {
            "name": "win-media-player-bmp-bo(24488)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488"
          },
          {
            "name": "MS06-005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005"
          },
          {
            "name": "18835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18835"
          },
          {
            "name": "oval:org.mitre.oval:def:1598",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598"
          },
          {
            "name": "oval:org.mitre.oval:def:1661",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1256",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256"
        },
        {
          "name": "oval:org.mitre.oval:def:1578",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578"
        },
        {
          "name": "ADV-2006-0574",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0574"
        },
        {
          "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded"
        },
        {
          "name": "16633",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16633"
        },
        {
          "name": "423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/423"
        },
        {
          "name": "TA06-045A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
        },
        {
          "name": "1015627",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015627"
        },
        {
          "name": "VU#291396",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/291396"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eeye.com/html/research/advisories/AD20060214.html"
        },
        {
          "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded"
        },
        {
          "name": "win-media-player-bmp-bo(24488)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488"
        },
        {
          "name": "MS06-005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005"
        },
        {
          "name": "18835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18835"
        },
        {
          "name": "oval:org.mitre.oval:def:1598",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598"
        },
        {
          "name": "oval:org.mitre.oval:def:1661",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0006",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1256",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256"
            },
            {
              "name": "oval:org.mitre.oval:def:1578",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578"
            },
            {
              "name": "ADV-2006-0574",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0574"
            },
            {
              "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded"
            },
            {
              "name": "16633",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16633"
            },
            {
              "name": "423",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/423"
            },
            {
              "name": "TA06-045A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
            },
            {
              "name": "1015627",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015627"
            },
            {
              "name": "VU#291396",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/291396"
            },
            {
              "name": "http://www.eeye.com/html/research/advisories/AD20060214.html",
              "refsource": "MISC",
              "url": "http://www.eeye.com/html/research/advisories/AD20060214.html"
            },
            {
              "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded"
            },
            {
              "name": "win-media-player-bmp-bo(24488)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488"
            },
            {
              "name": "MS06-005",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005"
            },
            {
              "name": "18835",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18835"
            },
            {
              "name": "oval:org.mitre.oval:def:1598",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598"
            },
            {
              "name": "oval:org.mitre.oval:def:1661",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0006",
    "datePublished": "2006-02-14T22:00:00",
    "dateReserved": "2005-11-09T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0010 (GCVE-0-2006-0010)

Vulnerability from nvd – Published: 2006-01-10 22:00 – Updated: 2024-08-07 16:18

Summary

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://seclists.org/fulldisclosure/2006/Jan/363	mailing-listx_refsource_FULLDISC
	http://www130.nortelnetworks.com/cgi-bin/eserv/cs…	x_refsource_MISC
	http://www.kb.cert.org/vuls/id/915930	third-party-advisoryx_refsource_CERT-VN
	http://www.eeye.com/html/Research/Advisories/EEYE…	third-party-advisoryx_refsource_EEYE
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://www.osvdb.org/18829	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2006/0118	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/18391	third-party-advisoryx_refsource_SECUNIA
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://securitytracker.com/id?1015459	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/18311	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/18365	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/archive/1/421885/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/16194	vdb-entryx_refsource_BID
	http://www.us-cert.gov/cas/techalerts/TA06-010A.html	third-party-advisoryx_refsource_CERT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
          },
          {
            "name": "VU#915930",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/915930"
          },
          {
            "name": "EEYEB20050801",
            "tags": [
              "third-party-advisory",
              "x_refsource_EEYE",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
          },
          {
            "name": "18829",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/18829"
          },
          {
            "name": "ADV-2006-0118",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0118"
          },
          {
            "name": "18391",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18391"
          },
          {
            "name": "MS06-002",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
          },
          {
            "name": "win-embedded-fonts-bo(23922)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
          },
          {
            "name": "oval:org.mitre.oval:def:698",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
          },
          {
            "name": "oval:org.mitre.oval:def:1185",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
          },
          {
            "name": "oval:org.mitre.oval:def:714",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
          },
          {
            "name": "oval:org.mitre.oval:def:1462",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
          },
          {
            "name": "1015459",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015459"
          },
          {
            "name": "18311",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18311"
          },
          {
            "name": "oval:org.mitre.oval:def:1126",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
          },
          {
            "name": "18365",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18365"
          },
          {
            "name": "oval:org.mitre.oval:def:1491",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
          },
          {
            "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
          },
          {
            "name": "16194",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16194"
          },
          {
            "name": "TA06-010A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
        },
        {
          "name": "VU#915930",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/915930"
        },
        {
          "name": "EEYEB20050801",
          "tags": [
            "third-party-advisory",
            "x_refsource_EEYE"
          ],
          "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
        },
        {
          "name": "18829",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/18829"
        },
        {
          "name": "ADV-2006-0118",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0118"
        },
        {
          "name": "18391",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18391"
        },
        {
          "name": "MS06-002",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
        },
        {
          "name": "win-embedded-fonts-bo(23922)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
        },
        {
          "name": "oval:org.mitre.oval:def:698",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
        },
        {
          "name": "oval:org.mitre.oval:def:1185",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
        },
        {
          "name": "oval:org.mitre.oval:def:714",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
        },
        {
          "name": "oval:org.mitre.oval:def:1462",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
        },
        {
          "name": "1015459",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015459"
        },
        {
          "name": "18311",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18311"
        },
        {
          "name": "oval:org.mitre.oval:def:1126",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
        },
        {
          "name": "18365",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18365"
        },
        {
          "name": "oval:org.mitre.oval:def:1491",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
        },
        {
          "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
        },
        {
          "name": "16194",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16194"
        },
        {
          "name": "TA06-010A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0010",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
            },
            {
              "name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525",
              "refsource": "MISC",
              "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
            },
            {
              "name": "VU#915930",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/915930"
            },
            {
              "name": "EEYEB20050801",
              "refsource": "EEYE",
              "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
            },
            {
              "name": "18829",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/18829"
            },
            {
              "name": "ADV-2006-0118",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0118"
            },
            {
              "name": "18391",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18391"
            },
            {
              "name": "MS06-002",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
            },
            {
              "name": "win-embedded-fonts-bo(23922)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
            },
            {
              "name": "oval:org.mitre.oval:def:698",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
            },
            {
              "name": "oval:org.mitre.oval:def:1185",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
            },
            {
              "name": "oval:org.mitre.oval:def:714",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
            },
            {
              "name": "oval:org.mitre.oval:def:1462",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
            },
            {
              "name": "1015459",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015459"
            },
            {
              "name": "18311",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18311"
            },
            {
              "name": "oval:org.mitre.oval:def:1126",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
            },
            {
              "name": "18365",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18365"
            },
            {
              "name": "oval:org.mitre.oval:def:1491",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
            },
            {
              "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
            },
            {
              "name": "16194",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16194"
            },
            {
              "name": "TA06-010A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0010",
    "datePublished": "2006-01-10T22:00:00",
    "dateReserved": "2005-11-09T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.632Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0020 (GCVE-0-2006-0020)

Vulnerability from nvd – Published: 2006-01-10 21:00 – Updated: 2024-08-07 16:18

Summary

An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.osvdb.org/22976	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/18912	third-party-advisoryx_refsource_SECUNIA
	http://linuxbox.org/pipermail/funsec/2006-January…	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/18729	third-party-advisoryx_refsource_SECUNIA
	http://www.microsoft.com/technet/security/advisor…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/312956	third-party-advisoryx_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2006/0469	vdb-entryx_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA06-045A.html	third-party-advisoryx_refsource_CERT
	http://www.securityfocus.com/bid/16516	vdb-entryx_refsource_BID
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1638",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638"
          },
          {
            "name": "22976",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22976"
          },
          {
            "name": "18912",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18912"
          },
          {
            "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html"
          },
          {
            "name": "18729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18729"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx"
          },
          {
            "name": "VU#312956",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/312956"
          },
          {
            "name": "ADV-2006-0469",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0469"
          },
          {
            "name": "TA06-045A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
          },
          {
            "name": "16516",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16516"
          },
          {
            "name": "MS06-004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka \"WMF Image Parsing Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1638",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638"
        },
        {
          "name": "22976",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22976"
        },
        {
          "name": "18912",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18912"
        },
        {
          "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html"
        },
        {
          "name": "18729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18729"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx"
        },
        {
          "name": "VU#312956",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/312956"
        },
        {
          "name": "ADV-2006-0469",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0469"
        },
        {
          "name": "TA06-045A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
        },
        {
          "name": "16516",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16516"
        },
        {
          "name": "MS06-004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka \"WMF Image Parsing Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1638",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638"
            },
            {
              "name": "22976",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22976"
            },
            {
              "name": "18912",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18912"
            },
            {
              "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch",
              "refsource": "MLIST",
              "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html"
            },
            {
              "name": "18729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18729"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/913333.mspx",
              "refsource": "CONFIRM",
              "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx"
            },
            {
              "name": "VU#312956",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/312956"
            },
            {
              "name": "ADV-2006-0469",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0469"
            },
            {
              "name": "TA06-045A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
            },
            {
              "name": "16516",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16516"
            },
            {
              "name": "MS06-004",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0020",
    "datePublished": "2006-01-10T21:00:00",
    "dateReserved": "2005-11-30T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0143 (GCVE-0-2006-0143)

Vulnerability from nvd – Published: 2006-01-09 20:00 – Updated: 2024-08-07 16:25

Summary

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://securitytracker.com/id?1015453	vdb-entryx_refsource_SECTRACK
	http://lostmon.blogspot.com/2007/08/windows-exten…	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/16167	vdb-entryx_refsource_BID
	http://blogs.technet.com/msrc/archive/2006/01/09/…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/421258/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/421257/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2006/0115	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015453",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015453"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html"
          },
          {
            "name": "win-gre-wmf-dos(24044)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044"
          },
          {
            "name": "16167",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16167"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx"
          },
          {
            "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded"
          },
          {
            "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded"
          },
          {
            "name": "ADV-2006-0115",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0115"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015453",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015453"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html"
        },
        {
          "name": "win-gre-wmf-dos(24044)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044"
        },
        {
          "name": "16167",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16167"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx"
        },
        {
          "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded"
        },
        {
          "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded"
        },
        {
          "name": "ADV-2006-0115",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0115"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015453",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015453"
            },
            {
              "name": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html",
              "refsource": "MISC",
              "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html"
            },
            {
              "name": "win-gre-wmf-dos(24044)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044"
            },
            {
              "name": "16167",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16167"
            },
            {
              "name": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx",
              "refsource": "CONFIRM",
              "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx"
            },
            {
              "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded"
            },
            {
              "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded"
            },
            {
              "name": "ADV-2006-0115",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0115"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0143",
    "datePublished": "2006-01-09T20:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0058 (GCVE-0-2005-0058)

Vulnerability from nvd – Published: 2005-08-10 04:00 – Updated: 2024-08-07 20:57

Summary

Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/14518	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://securitytracker.com/id?1014639	vdb-entryx_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/16354/	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:41.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1297",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1297"
          },
          {
            "name": "oval:org.mitre.oval:def:100088",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100088"
          },
          {
            "name": "14518",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14518"
          },
          {
            "name": "oval:org.mitre.oval:def:1075",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1075"
          },
          {
            "name": "MS05-040",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040"
          },
          {
            "name": "1014639",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014639"
          },
          {
            "name": "oval:org.mitre.oval:def:100086",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100086"
          },
          {
            "name": "16354",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16354/"
          },
          {
            "name": "oval:org.mitre.oval:def:100084",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084"
          },
          {
            "name": "oval:org.mitre.oval:def:1213",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1213"
          },
          {
            "name": "oval:org.mitre.oval:def:100085",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-08-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1297",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1297"
        },
        {
          "name": "oval:org.mitre.oval:def:100088",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100088"
        },
        {
          "name": "14518",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14518"
        },
        {
          "name": "oval:org.mitre.oval:def:1075",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1075"
        },
        {
          "name": "MS05-040",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040"
        },
        {
          "name": "1014639",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014639"
        },
        {
          "name": "oval:org.mitre.oval:def:100086",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100086"
        },
        {
          "name": "16354",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16354/"
        },
        {
          "name": "oval:org.mitre.oval:def:100084",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084"
        },
        {
          "name": "oval:org.mitre.oval:def:1213",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1213"
        },
        {
          "name": "oval:org.mitre.oval:def:100085",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0058",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1297",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1297"
            },
            {
              "name": "oval:org.mitre.oval:def:100088",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100088"
            },
            {
              "name": "14518",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/14518"
            },
            {
              "name": "oval:org.mitre.oval:def:1075",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1075"
            },
            {
              "name": "MS05-040",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040"
            },
            {
              "name": "1014639",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014639"
            },
            {
              "name": "oval:org.mitre.oval:def:100086",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100086"
            },
            {
              "name": "16354",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16354/"
            },
            {
              "name": "oval:org.mitre.oval:def:100084",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084"
            },
            {
              "name": "oval:org.mitre.oval:def:1213",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1213"
            },
            {
              "name": "oval:org.mitre.oval:def:100085",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0058",
    "datePublished": "2005-08-10T04:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:41.107Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-2388 (GCVE-0-2005-2388)

Vulnerability from nvd – Published: 2005-07-27 04:00 – Updated: 2024-08-07 22:22

Summary

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.eweek.com/article2/0%2C1759%2C1840131%…	x_refsource_MISC
	http://securitytracker.com/id?1014566	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/16210	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.osvdb.org/18493	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/14376	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:22:49.141Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp"
          },
          {
            "name": "1014566",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014566"
          },
          {
            "name": "16210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16210"
          },
          {
            "name": "windows-usb-device-bo(21539)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539"
          },
          {
            "name": "18493",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/18493"
          },
          {
            "name": "14376",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14376"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-07-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp"
        },
        {
          "name": "1014566",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014566"
        },
        {
          "name": "16210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16210"
        },
        {
          "name": "windows-usb-device-bo(21539)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539"
        },
        {
          "name": "18493",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/18493"
        },
        {
          "name": "14376",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14376"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2388",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.eweek.com/article2/0,1759,1840131,00.asp",
              "refsource": "MISC",
              "url": "http://www.eweek.com/article2/0,1759,1840131,00.asp"
            },
            {
              "name": "1014566",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014566"
            },
            {
              "name": "16210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16210"
            },
            {
              "name": "windows-usb-device-bo(21539)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539"
            },
            {
              "name": "18493",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/18493"
            },
            {
              "name": "14376",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/14376"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2388",
    "datePublished": "2005-07-27T04:00:00",
    "dateReserved": "2005-07-27T00:00:00",
    "dateUpdated": "2024-08-07T22:22:49.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1212 (GCVE-0-2005-1212)

Vulnerability from nvd – Published: 2005-06-14 04:00 – Updated: 2024-08-07 21:44

Summary

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://www.securityfocus.com/bid/13944	vdb-entryx_refsource_BID
	http://idefense.com/application/poi/display?id=26…	third-party-advisoryx_refsource_IDEFENSE
	http://secunia.com/advisories/15669/	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1014194	vdb-entryx_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:05.428Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13944",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13944"
          },
          {
            "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "name": "15669",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15669/"
          },
          {
            "name": "1014194",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014194"
          },
          {
            "name": "MS05-031",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031"
          },
          {
            "name": "oval:org.mitre.oval:def:1224",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "13944",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13944"
        },
        {
          "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true"
        },
        {
          "name": "15669",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15669/"
        },
        {
          "name": "1014194",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014194"
        },
        {
          "name": "MS05-031",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031"
        },
        {
          "name": "oval:org.mitre.oval:def:1224",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2005-1212",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13944",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13944"
            },
            {
              "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true"
            },
            {
              "name": "15669",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15669/"
            },
            {
              "name": "1014194",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014194"
            },
            {
              "name": "MS05-031",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031"
            },
            {
              "name": "oval:org.mitre.oval:def:1224",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2005-1212",
    "datePublished": "2005-06-14T04:00:00",
    "dateReserved": "2005-04-22T00:00:00",
    "dateUpdated": "2024-08-07T21:44:05.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1214 (GCVE-0-2005-1214)

Vulnerability from nvd – Published: 2005-06-14 04:00 – Updated: 2024-08-07 21:44

Summary

Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securityfocus.com/bid/13948	vdb-entryx_refsource_BID
	http://secunia.com/advisories/15689	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:06.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:682",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A682"
          },
          {
            "name": "MS05-032",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-032"
          },
          {
            "name": "13948",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13948"
          },
          {
            "name": "15689",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15689"
          },
          {
            "name": "oval:org.mitre.oval:def:906",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A906"
          },
          {
            "name": "oval:org.mitre.oval:def:1194",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1194"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:682",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A682"
        },
        {
          "name": "MS05-032",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-032"
        },
        {
          "name": "13948",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13948"
        },
        {
          "name": "15689",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15689"
        },
        {
          "name": "oval:org.mitre.oval:def:906",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A906"
        },
        {
          "name": "oval:org.mitre.oval:def:1194",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1194"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2005-1214",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:682",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A682"
            },
            {
              "name": "MS05-032",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-032"
            },
            {
              "name": "13948",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13948"
            },
            {
              "name": "15689",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15689"
            },
            {
              "name": "oval:org.mitre.oval:def:906",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A906"
            },
            {
              "name": "oval:org.mitre.oval:def:1194",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1194"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2005-1214",
    "datePublished": "2005-06-14T04:00:00",
    "dateReserved": "2005-04-22T00:00:00",
    "dateUpdated": "2024-08-07T21:44:06.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1191 (GCVE-0-2005-1191)

Vulnerability from nvd – Published: 2005-04-19 04:00 – Updated: 2024-08-07 21:44

Summary

The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/archive/1/396224	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/13248	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2005/0509	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://security.greymagic.com/security/advisories…	x_refsource_MISC
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:05.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20050419 File Selection May Lead to Command Execution (GM#015-IE)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/396224"
          },
          {
            "name": "13248",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13248"
          },
          {
            "name": "ADV-2005-0509",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/0509"
          },
          {
            "name": "windows-web-view-command-execution(20380)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20380"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://security.greymagic.com/security/advisories/gm015-ie"
          },
          {
            "name": "MS05-024",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-024"
          },
          {
            "name": "oval:org.mitre.oval:def:3585",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3585"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe (\"\u0027\") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20050419 File Selection May Lead to Command Execution (GM#015-IE)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/396224"
        },
        {
          "name": "13248",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13248"
        },
        {
          "name": "ADV-2005-0509",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/0509"
        },
        {
          "name": "windows-web-view-command-execution(20380)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20380"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://security.greymagic.com/security/advisories/gm015-ie"
        },
        {
          "name": "MS05-024",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-024"
        },
        {
          "name": "oval:org.mitre.oval:def:3585",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3585"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1191",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe (\"\u0027\") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050419 File Selection May Lead to Command Execution (GM#015-IE)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/396224"
            },
            {
              "name": "13248",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13248"
            },
            {
              "name": "ADV-2005-0509",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/0509"
            },
            {
              "name": "windows-web-view-command-execution(20380)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20380"
            },
            {
              "name": "http://security.greymagic.com/security/advisories/gm015-ie",
              "refsource": "MISC",
              "url": "http://security.greymagic.com/security/advisories/gm015-ie"
            },
            {
              "name": "MS05-024",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-024"
            },
            {
              "name": "oval:org.mitre.oval:def:3585",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3585"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1191",
    "datePublished": "2005-04-19T04:00:00",
    "dateReserved": "2005-04-19T00:00:00",
    "dateUpdated": "2024-08-07T21:44:05.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0057 (GCVE-0-2005-0057)

Vulnerability from nvd – Published: 2005-02-08 05:00 – Updated: 2024-08-07 20:57

Summary

The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.us-cert.gov/cas/techalerts/TA05-039A.html	third-party-advisoryx_refsource_CERT
	http://www.securityfocus.com/bid/12479	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://securitytracker.com/id?1013119	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/14195	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.kb.cert.org/vuls/id/820427	third-party-advisoryx_refsource_CERT-VN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:41.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS05-015",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015"
          },
          {
            "name": "oval:org.mitre.oval:def:713",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713"
          },
          {
            "name": "TA05-039A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
          },
          {
            "name": "12479",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12479"
          },
          {
            "name": "win-hyperlink-code-execution(19110)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110"
          },
          {
            "name": "oval:org.mitre.oval:def:3203",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203"
          },
          {
            "name": "1013119",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013119"
          },
          {
            "name": "14195",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14195"
          },
          {
            "name": "oval:org.mitre.oval:def:2570",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570"
          },
          {
            "name": "VU#820427",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/820427"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an \"unchecked buffer\" in the library, possibly due to a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MS05-015",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015"
        },
        {
          "name": "oval:org.mitre.oval:def:713",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713"
        },
        {
          "name": "TA05-039A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
        },
        {
          "name": "12479",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12479"
        },
        {
          "name": "win-hyperlink-code-execution(19110)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110"
        },
        {
          "name": "oval:org.mitre.oval:def:3203",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203"
        },
        {
          "name": "1013119",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013119"
        },
        {
          "name": "14195",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14195"
        },
        {
          "name": "oval:org.mitre.oval:def:2570",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570"
        },
        {
          "name": "VU#820427",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/820427"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0057",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an \"unchecked buffer\" in the library, possibly due to a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS05-015",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-015"
            },
            {
              "name": "oval:org.mitre.oval:def:713",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A713"
            },
            {
              "name": "TA05-039A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
            },
            {
              "name": "12479",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12479"
            },
            {
              "name": "win-hyperlink-code-execution(19110)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19110"
            },
            {
              "name": "oval:org.mitre.oval:def:3203",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3203"
            },
            {
              "name": "1013119",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1013119"
            },
            {
              "name": "14195",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14195"
            },
            {
              "name": "oval:org.mitre.oval:def:2570",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2570"
            },
            {
              "name": "VU#820427",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/820427"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0057",
    "datePublished": "2005-02-08T05:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:41.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0053 (GCVE-0-2005-0053)

Vulnerability from nvd – Published: 2005-02-08 05:00 – Updated: 2024-08-07 20:57

Summary

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.us-cert.gov/cas/techalerts/TA05-039A.html	third-party-advisoryx_refsource_CERT
	http://www.kb.cert.org/vuls/id/698835	third-party-advisoryx_refsource_CERT-VN
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/11466	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:41.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS05-008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008"
          },
          {
            "name": "oval:org.mitre.oval:def:4726",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4726"
          },
          {
            "name": "MS05-014",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014"
          },
          {
            "name": "oval:org.mitre.oval:def:4864",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4864"
          },
          {
            "name": "oval:org.mitre.oval:def:1334",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1334"
          },
          {
            "name": "oval:org.mitre.oval:def:2046",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2046"
          },
          {
            "name": "oval:org.mitre.oval:def:2953",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2953"
          },
          {
            "name": "TA05-039A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
          },
          {
            "name": "VU#698835",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/698835"
          },
          {
            "name": "oval:org.mitre.oval:def:1015",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015"
          },
          {
            "name": "11466",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11466"
          },
          {
            "name": "oval:org.mitre.oval:def:3006",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3006"
          },
          {
            "name": "ie-dragdrop-gain-privileges(19117)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19117"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the \"Drag-and-Drop Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MS05-008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008"
        },
        {
          "name": "oval:org.mitre.oval:def:4726",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4726"
        },
        {
          "name": "MS05-014",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014"
        },
        {
          "name": "oval:org.mitre.oval:def:4864",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4864"
        },
        {
          "name": "oval:org.mitre.oval:def:1334",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1334"
        },
        {
          "name": "oval:org.mitre.oval:def:2046",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2046"
        },
        {
          "name": "oval:org.mitre.oval:def:2953",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2953"
        },
        {
          "name": "TA05-039A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
        },
        {
          "name": "VU#698835",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/698835"
        },
        {
          "name": "oval:org.mitre.oval:def:1015",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015"
        },
        {
          "name": "11466",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11466"
        },
        {
          "name": "oval:org.mitre.oval:def:3006",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3006"
        },
        {
          "name": "ie-dragdrop-gain-privileges(19117)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19117"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the \"Drag-and-Drop Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS05-008",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008"
            },
            {
              "name": "oval:org.mitre.oval:def:4726",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4726"
            },
            {
              "name": "MS05-014",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014"
            },
            {
              "name": "oval:org.mitre.oval:def:4864",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4864"
            },
            {
              "name": "oval:org.mitre.oval:def:1334",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1334"
            },
            {
              "name": "oval:org.mitre.oval:def:2046",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2046"
            },
            {
              "name": "oval:org.mitre.oval:def:2953",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2953"
            },
            {
              "name": "TA05-039A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
            },
            {
              "name": "VU#698835",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/698835"
            },
            {
              "name": "oval:org.mitre.oval:def:1015",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015"
            },
            {
              "name": "11466",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11466"
            },
            {
              "name": "oval:org.mitre.oval:def:3006",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3006"
            },
            {
              "name": "ie-dragdrop-gain-privileges(19117)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19117"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0053",
    "datePublished": "2005-02-08T05:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:41.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0044 (GCVE-0-2005-0044)

Vulnerability from nvd – Published: 2005-02-08 05:00 – Updated: 2024-08-07 20:57

Summary

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.kb.cert.org/vuls/id/927889	third-party-advisoryx_refsource_CERT-VN
	http://www.us-cert.gov/cas/techalerts/TA05-039A.html	third-party-advisoryx_refsource_CERT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.823Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:2917",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2917"
          },
          {
            "name": "win-ole-code-execution(19109)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19109"
          },
          {
            "name": "oval:org.mitre.oval:def:1180",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1180"
          },
          {
            "name": "VU#927889",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/927889"
          },
          {
            "name": "TA05-039A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:3568",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3568"
          },
          {
            "name": "MS05-012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012"
          },
          {
            "name": "oval:org.mitre.oval:def:4499",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4499"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the \"Input Validation Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:2917",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2917"
        },
        {
          "name": "win-ole-code-execution(19109)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19109"
        },
        {
          "name": "oval:org.mitre.oval:def:1180",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1180"
        },
        {
          "name": "VU#927889",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/927889"
        },
        {
          "name": "TA05-039A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:3568",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3568"
        },
        {
          "name": "MS05-012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012"
        },
        {
          "name": "oval:org.mitre.oval:def:4499",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4499"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0044",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the \"Input Validation Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:2917",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2917"
            },
            {
              "name": "win-ole-code-execution(19109)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19109"
            },
            {
              "name": "oval:org.mitre.oval:def:1180",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1180"
            },
            {
              "name": "VU#927889",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/927889"
            },
            {
              "name": "TA05-039A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA05-039A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:3568",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3568"
            },
            {
              "name": "MS05-012",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012"
            },
            {
              "name": "oval:org.mitre.oval:def:4499",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4499"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0044",
    "datePublished": "2005-02-08T05:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0063 (GCVE-0-2005-0063)

Vulnerability from nvd – Published: 2005-04-13 04:00 – Updated: 2024-08-07 20:57

Summary

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://marc.info/?l=bugtraq&m=111755356016155&w=2	mailing-listx_refsource_BUGTRAQ
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securiteam.com/exploits/5YP0T0AFFW.html	x_refsource_MISC
	http://www.idefense.com/application/poi/display?i…	third-party-advisoryx_refsource_IDEFENSE
	http://www.vupen.com/english/advisories/2005/0335	vdb-entryx_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/13132	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.862Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:3456",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456"
          },
          {
            "name": "MS05-016",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016"
          },
          {
            "name": "oval:org.mitre.oval:def:407",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407"
          },
          {
            "name": "20050529 Spam exploiting MS05-016",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=111755356016155\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:587",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securiteam.com/exploits/5YP0T0AFFW.html"
          },
          {
            "name": "20050412 Microsoft MSHTA Script Execution Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=231\u0026type=vulnerabilities"
          },
          {
            "name": "ADV-2005-0335",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/0335"
          },
          {
            "name": "oval:org.mitre.oval:def:573",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573"
          },
          {
            "name": "oval:org.mitre.oval:def:2184",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184"
          },
          {
            "name": "oval:org.mitre.oval:def:4710",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710"
          },
          {
            "name": "13132",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13132"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:3456",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456"
        },
        {
          "name": "MS05-016",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016"
        },
        {
          "name": "oval:org.mitre.oval:def:407",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407"
        },
        {
          "name": "20050529 Spam exploiting MS05-016",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=111755356016155\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:587",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securiteam.com/exploits/5YP0T0AFFW.html"
        },
        {
          "name": "20050412 Microsoft MSHTA Script Execution Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=231\u0026type=vulnerabilities"
        },
        {
          "name": "ADV-2005-0335",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/0335"
        },
        {
          "name": "oval:org.mitre.oval:def:573",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573"
        },
        {
          "name": "oval:org.mitre.oval:def:2184",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184"
        },
        {
          "name": "oval:org.mitre.oval:def:4710",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710"
        },
        {
          "name": "13132",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13132"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0063",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:3456",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3456"
            },
            {
              "name": "MS05-016",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-016"
            },
            {
              "name": "oval:org.mitre.oval:def:407",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A407"
            },
            {
              "name": "20050529 Spam exploiting MS05-016",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=111755356016155\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:587",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A587"
            },
            {
              "name": "http://www.securiteam.com/exploits/5YP0T0AFFW.html",
              "refsource": "MISC",
              "url": "http://www.securiteam.com/exploits/5YP0T0AFFW.html"
            },
            {
              "name": "20050412 Microsoft MSHTA Script Execution Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=231\u0026type=vulnerabilities"
            },
            {
              "name": "ADV-2005-0335",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/0335"
            },
            {
              "name": "oval:org.mitre.oval:def:573",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A573"
            },
            {
              "name": "oval:org.mitre.oval:def:2184",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2184"
            },
            {
              "name": "oval:org.mitre.oval:def:4710",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4710"
            },
            {
              "name": "13132",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13132"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0063",
    "datePublished": "2005-04-13T04:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.862Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0061 (GCVE-0-2005-0061)

Vulnerability from nvd – Published: 2005-04-13 04:00 – Updated: 2024-08-07 20:57

Summary

The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.958Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:4593",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593"
          },
          {
            "name": "oval:org.mitre.oval:def:3994",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994"
          },
          {
            "name": "oval:org.mitre.oval:def:1761",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761"
          },
          {
            "name": "MS05-018",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018"
          },
          {
            "name": "oval:org.mitre.oval:def:1656",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:4593",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593"
        },
        {
          "name": "oval:org.mitre.oval:def:3994",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994"
        },
        {
          "name": "oval:org.mitre.oval:def:1761",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761"
        },
        {
          "name": "MS05-018",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018"
        },
        {
          "name": "oval:org.mitre.oval:def:1656",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0061",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:4593",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4593"
            },
            {
              "name": "oval:org.mitre.oval:def:3994",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3994"
            },
            {
              "name": "oval:org.mitre.oval:def:1761",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1761"
            },
            {
              "name": "MS05-018",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018"
            },
            {
              "name": "oval:org.mitre.oval:def:1656",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1656"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0061",
    "datePublished": "2005-04-13T04:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.958Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0060 (GCVE-0-2005-0060)

Vulnerability from nvd – Published: 2005-04-13 04:00 – Updated: 2024-08-07 20:57

Summary

Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.ngssoftware.com/advisories/ms-01.txt	x_refsource_MISC
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://marc.info/?l=bugtraq&m=111343529426926&w=2	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:41.093Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/ms-01.txt"
          },
          {
            "name": "oval:org.mitre.oval:def:2731",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2731"
          },
          {
            "name": "oval:org.mitre.oval:def:2562",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2562"
          },
          {
            "name": "oval:org.mitre.oval:def:4797",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4797"
          },
          {
            "name": "oval:org.mitre.oval:def:3941",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3941"
          },
          {
            "name": "MS05-018",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018"
          },
          {
            "name": "20050413 Windows kernel overflow fixed",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=111343529426926\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/ms-01.txt"
        },
        {
          "name": "oval:org.mitre.oval:def:2731",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2731"
        },
        {
          "name": "oval:org.mitre.oval:def:2562",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2562"
        },
        {
          "name": "oval:org.mitre.oval:def:4797",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4797"
        },
        {
          "name": "oval:org.mitre.oval:def:3941",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3941"
        },
        {
          "name": "MS05-018",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018"
        },
        {
          "name": "20050413 Windows kernel overflow fixed",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=111343529426926\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0060",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ngssoftware.com/advisories/ms-01.txt",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/ms-01.txt"
            },
            {
              "name": "oval:org.mitre.oval:def:2731",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2731"
            },
            {
              "name": "oval:org.mitre.oval:def:2562",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2562"
            },
            {
              "name": "oval:org.mitre.oval:def:4797",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4797"
            },
            {
              "name": "oval:org.mitre.oval:def:3941",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3941"
            },
            {
              "name": "MS05-018",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018"
            },
            {
              "name": "20050413 Windows kernel overflow fixed",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=111343529426926\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0060",
    "datePublished": "2005-04-13T04:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:41.093Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-1313 (GCVE-0-2006-1313)

Vulnerability from cvelistv5 – Published: 2006-06-13 19:00 – Updated: 2024-08-07 17:03

Summary

Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://securitytracker.com/id?1016283	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2006/2321	vdb-entryx_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA06-164A.html	third-party-advisoryx_refsource_CERT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.kb.cert.org/vuls/id/390044	third-party-advisoryx_refsource_CERT-VN
	http://www.osvdb.org/26434	vdb-entryx_refsource_OSVDB
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securityfocus.com/bid/18359	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/20620	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:03:29.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1785",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785"
          },
          {
            "name": "oval:org.mitre.oval:def:1644",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644"
          },
          {
            "name": "1016283",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016283"
          },
          {
            "name": "ms-jscript-code-execution(26805)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805"
          },
          {
            "name": "ADV-2006-2321",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2321"
          },
          {
            "name": "TA06-164A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:1067",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067"
          },
          {
            "name": "VU#390044",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/390044"
          },
          {
            "name": "26434",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26434"
          },
          {
            "name": "MS06-023",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023"
          },
          {
            "name": "18359",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18359"
          },
          {
            "name": "oval:org.mitre.oval:def:2003",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003"
          },
          {
            "name": "20620",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20620"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will \"release objects early\" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1785",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785"
        },
        {
          "name": "oval:org.mitre.oval:def:1644",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644"
        },
        {
          "name": "1016283",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016283"
        },
        {
          "name": "ms-jscript-code-execution(26805)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805"
        },
        {
          "name": "ADV-2006-2321",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2321"
        },
        {
          "name": "TA06-164A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:1067",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067"
        },
        {
          "name": "VU#390044",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/390044"
        },
        {
          "name": "26434",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26434"
        },
        {
          "name": "MS06-023",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023"
        },
        {
          "name": "18359",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18359"
        },
        {
          "name": "oval:org.mitre.oval:def:2003",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003"
        },
        {
          "name": "20620",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20620"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-1313",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will \"release objects early\" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1785",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1785"
            },
            {
              "name": "oval:org.mitre.oval:def:1644",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1644"
            },
            {
              "name": "1016283",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016283"
            },
            {
              "name": "ms-jscript-code-execution(26805)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26805"
            },
            {
              "name": "ADV-2006-2321",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2321"
            },
            {
              "name": "TA06-164A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:1067",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1067"
            },
            {
              "name": "VU#390044",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/390044"
            },
            {
              "name": "26434",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26434"
            },
            {
              "name": "MS06-023",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023"
            },
            {
              "name": "18359",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18359"
            },
            {
              "name": "oval:org.mitre.oval:def:2003",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2003"
            },
            {
              "name": "20620",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20620"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-1313",
    "datePublished": "2006-06-13T19:00:00",
    "dateReserved": "2006-03-20T00:00:00",
    "dateUpdated": "2024-08-07T17:03:29.012Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-2376 (GCVE-0-2006-2376)

Vulnerability from cvelistv5 – Published: 2006-06-13 18:00 – Updated: 2024-08-07 17:51

Summary

Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://securityreason.com/securityalert/1094	third-party-advisoryx_refsource_SREASON
	http://www.vupen.com/english/advisories/2006/2324	vdb-entryx_refsource_VUPEN
	http://www.osvdb.org/26431	vdb-entryx_refsource_OSVDB
	http://www.us-cert.gov/cas/techalerts/TA06-164A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/advisories/20631	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/436950/100…	mailing-listx_refsource_BUGTRAQ
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1016286	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/909508	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/bid/18322	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:51:03.738Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1094",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1094"
          },
          {
            "name": "ADV-2006-2324",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2324"
          },
          {
            "name": "26431",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26431"
          },
          {
            "name": "TA06-164A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
          },
          {
            "name": "20631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20631"
          },
          {
            "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded"
          },
          {
            "name": "MS06-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026"
          },
          {
            "name": "win-gre-wmf-code-execution(26815)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815"
          },
          {
            "name": "1016286",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016286"
          },
          {
            "name": "VU#909508",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/909508"
          },
          {
            "name": "18322",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18322"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1094",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1094"
        },
        {
          "name": "ADV-2006-2324",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2324"
        },
        {
          "name": "26431",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26431"
        },
        {
          "name": "TA06-164A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
        },
        {
          "name": "20631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20631"
        },
        {
          "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded"
        },
        {
          "name": "MS06-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026"
        },
        {
          "name": "win-gre-wmf-code-execution(26815)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815"
        },
        {
          "name": "1016286",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016286"
        },
        {
          "name": "VU#909508",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/909508"
        },
        {
          "name": "18322",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18322"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-2376",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1094",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1094"
            },
            {
              "name": "ADV-2006-2324",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2324"
            },
            {
              "name": "26431",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26431"
            },
            {
              "name": "TA06-164A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
            },
            {
              "name": "20631",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20631"
            },
            {
              "name": "20060613 SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/436950/100/0/threaded"
            },
            {
              "name": "MS06-026",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026"
            },
            {
              "name": "win-gre-wmf-code-execution(26815)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26815"
            },
            {
              "name": "1016286",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016286"
            },
            {
              "name": "VU#909508",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/909508"
            },
            {
              "name": "18322",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18322"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-2376",
    "datePublished": "2006-06-13T18:00:00",
    "dateReserved": "2006-05-15T00:00:00",
    "dateUpdated": "2024-08-07T17:51:03.738Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0012 (GCVE-0-2006-0012)

Vulnerability from cvelistv5 – Published: 2006-04-12 00:00 – Updated: 2024-08-07 16:18

Summary

Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://www.securityfocus.com/bid/17464	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/19606	third-party-advisoryx_refsource_SECUNIA
	http://www.us-cert.gov/cas/techalerts/TA06-101A.html	third-party-advisoryx_refsource_CERT
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1015897	vdb-entryx_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.osvdb.org/24516	vdb-entryx_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.kb.cert.org/vuls/id/641460	third-party-advisoryx_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2006/1320	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.703Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17464",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17464"
          },
          {
            "name": "oval:org.mitre.oval:def:1743",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743"
          },
          {
            "name": "19606",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19606"
          },
          {
            "name": "TA06-101A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
          },
          {
            "name": "win-explorer-com-code-execution(25554)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554"
          },
          {
            "name": "1015897",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015897"
          },
          {
            "name": "MS06-015",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015"
          },
          {
            "name": "oval:org.mitre.oval:def:1191",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191"
          },
          {
            "name": "oval:org.mitre.oval:def:1764",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764"
          },
          {
            "name": "24516",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/24516"
          },
          {
            "name": "oval:org.mitre.oval:def:1448",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448"
          },
          {
            "name": "oval:org.mitre.oval:def:1679",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679"
          },
          {
            "name": "VU#641460",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/641460"
          },
          {
            "name": "ADV-2006-1320",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1320"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-04-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and \"crafted files and directories,\" aka the \"Windows Shell Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "17464",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17464"
        },
        {
          "name": "oval:org.mitre.oval:def:1743",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743"
        },
        {
          "name": "19606",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19606"
        },
        {
          "name": "TA06-101A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
        },
        {
          "name": "win-explorer-com-code-execution(25554)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554"
        },
        {
          "name": "1015897",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015897"
        },
        {
          "name": "MS06-015",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015"
        },
        {
          "name": "oval:org.mitre.oval:def:1191",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191"
        },
        {
          "name": "oval:org.mitre.oval:def:1764",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764"
        },
        {
          "name": "24516",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/24516"
        },
        {
          "name": "oval:org.mitre.oval:def:1448",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448"
        },
        {
          "name": "oval:org.mitre.oval:def:1679",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679"
        },
        {
          "name": "VU#641460",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/641460"
        },
        {
          "name": "ADV-2006-1320",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1320"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0012",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and \"crafted files and directories,\" aka the \"Windows Shell Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17464",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17464"
            },
            {
              "name": "oval:org.mitre.oval:def:1743",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1743"
            },
            {
              "name": "19606",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19606"
            },
            {
              "name": "TA06-101A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
            },
            {
              "name": "win-explorer-com-code-execution(25554)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25554"
            },
            {
              "name": "1015897",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015897"
            },
            {
              "name": "MS06-015",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-015"
            },
            {
              "name": "oval:org.mitre.oval:def:1191",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1191"
            },
            {
              "name": "oval:org.mitre.oval:def:1764",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1764"
            },
            {
              "name": "24516",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/24516"
            },
            {
              "name": "oval:org.mitre.oval:def:1448",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1448"
            },
            {
              "name": "oval:org.mitre.oval:def:1679",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1679"
            },
            {
              "name": "VU#641460",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/641460"
            },
            {
              "name": "ADV-2006-1320",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1320"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0012",
    "datePublished": "2006-04-12T00:00:00",
    "dateReserved": "2005-11-09T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.703Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0006 (GCVE-0-2006-0006)

Vulnerability from cvelistv5 – Published: 2006-02-14 22:00 – Updated: 2024-08-07 16:18

Summary

Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.vupen.com/english/advisories/2006/0574	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/424983/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/16633	vdb-entryx_refsource_BID
	http://securityreason.com/securityalert/423	third-party-advisoryx_refsource_SREASON
	http://www.us-cert.gov/cas/techalerts/TA06-045A.html	third-party-advisoryx_refsource_CERT
	http://securitytracker.com/id?1015627	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/291396	third-party-advisoryx_refsource_CERT-VN
	http://www.eeye.com/html/research/advisories/AD20…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/425158/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://secunia.com/advisories/18835	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.729Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1256",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256"
          },
          {
            "name": "oval:org.mitre.oval:def:1578",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578"
          },
          {
            "name": "ADV-2006-0574",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0574"
          },
          {
            "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded"
          },
          {
            "name": "16633",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16633"
          },
          {
            "name": "423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/423"
          },
          {
            "name": "TA06-045A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
          },
          {
            "name": "1015627",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015627"
          },
          {
            "name": "VU#291396",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/291396"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/research/advisories/AD20060214.html"
          },
          {
            "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded"
          },
          {
            "name": "win-media-player-bmp-bo(24488)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488"
          },
          {
            "name": "MS06-005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005"
          },
          {
            "name": "18835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18835"
          },
          {
            "name": "oval:org.mitre.oval:def:1598",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598"
          },
          {
            "name": "oval:org.mitre.oval:def:1661",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1256",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256"
        },
        {
          "name": "oval:org.mitre.oval:def:1578",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578"
        },
        {
          "name": "ADV-2006-0574",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0574"
        },
        {
          "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded"
        },
        {
          "name": "16633",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16633"
        },
        {
          "name": "423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/423"
        },
        {
          "name": "TA06-045A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
        },
        {
          "name": "1015627",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015627"
        },
        {
          "name": "VU#291396",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/291396"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eeye.com/html/research/advisories/AD20060214.html"
        },
        {
          "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded"
        },
        {
          "name": "win-media-player-bmp-bo(24488)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488"
        },
        {
          "name": "MS06-005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005"
        },
        {
          "name": "18835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18835"
        },
        {
          "name": "oval:org.mitre.oval:def:1598",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598"
        },
        {
          "name": "oval:org.mitre.oval:def:1661",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0006",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1256",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256"
            },
            {
              "name": "oval:org.mitre.oval:def:1578",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578"
            },
            {
              "name": "ADV-2006-0574",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0574"
            },
            {
              "name": "20060214 [EEYEB-20051017] Windows Media Player BMP Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/424983/100/0/threaded"
            },
            {
              "name": "16633",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16633"
            },
            {
              "name": "423",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/423"
            },
            {
              "name": "TA06-045A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
            },
            {
              "name": "1015627",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015627"
            },
            {
              "name": "VU#291396",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/291396"
            },
            {
              "name": "http://www.eeye.com/html/research/advisories/AD20060214.html",
              "refsource": "MISC",
              "url": "http://www.eeye.com/html/research/advisories/AD20060214.html"
            },
            {
              "name": "20060215 Windows Media Player BMP Heap Overflow (MS06-005)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/425158/100/0/threaded"
            },
            {
              "name": "win-media-player-bmp-bo(24488)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24488"
            },
            {
              "name": "MS06-005",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005"
            },
            {
              "name": "18835",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18835"
            },
            {
              "name": "oval:org.mitre.oval:def:1598",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598"
            },
            {
              "name": "oval:org.mitre.oval:def:1661",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0006",
    "datePublished": "2006-02-14T22:00:00",
    "dateReserved": "2005-11-09T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0010 (GCVE-0-2006-0010)

Vulnerability from cvelistv5 – Published: 2006-01-10 22:00 – Updated: 2024-08-07 16:18

Summary

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://seclists.org/fulldisclosure/2006/Jan/363	mailing-listx_refsource_FULLDISC
	http://www130.nortelnetworks.com/cgi-bin/eserv/cs…	x_refsource_MISC
	http://www.kb.cert.org/vuls/id/915930	third-party-advisoryx_refsource_CERT-VN
	http://www.eeye.com/html/Research/Advisories/EEYE…	third-party-advisoryx_refsource_EEYE
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://www.osvdb.org/18829	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2006/0118	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/18391	third-party-advisoryx_refsource_SECUNIA
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://securitytracker.com/id?1015459	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/18311	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/18365	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/archive/1/421885/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/16194	vdb-entryx_refsource_BID
	http://www.us-cert.gov/cas/techalerts/TA06-010A.html	third-party-advisoryx_refsource_CERT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
          },
          {
            "name": "VU#915930",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/915930"
          },
          {
            "name": "EEYEB20050801",
            "tags": [
              "third-party-advisory",
              "x_refsource_EEYE",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
          },
          {
            "name": "18829",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/18829"
          },
          {
            "name": "ADV-2006-0118",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0118"
          },
          {
            "name": "18391",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18391"
          },
          {
            "name": "MS06-002",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
          },
          {
            "name": "win-embedded-fonts-bo(23922)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
          },
          {
            "name": "oval:org.mitre.oval:def:698",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
          },
          {
            "name": "oval:org.mitre.oval:def:1185",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
          },
          {
            "name": "oval:org.mitre.oval:def:714",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
          },
          {
            "name": "oval:org.mitre.oval:def:1462",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
          },
          {
            "name": "1015459",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015459"
          },
          {
            "name": "18311",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18311"
          },
          {
            "name": "oval:org.mitre.oval:def:1126",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
          },
          {
            "name": "18365",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18365"
          },
          {
            "name": "oval:org.mitre.oval:def:1491",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
          },
          {
            "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
          },
          {
            "name": "16194",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16194"
          },
          {
            "name": "TA06-010A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
        },
        {
          "name": "VU#915930",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/915930"
        },
        {
          "name": "EEYEB20050801",
          "tags": [
            "third-party-advisory",
            "x_refsource_EEYE"
          ],
          "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
        },
        {
          "name": "18829",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/18829"
        },
        {
          "name": "ADV-2006-0118",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0118"
        },
        {
          "name": "18391",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18391"
        },
        {
          "name": "MS06-002",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
        },
        {
          "name": "win-embedded-fonts-bo(23922)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
        },
        {
          "name": "oval:org.mitre.oval:def:698",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
        },
        {
          "name": "oval:org.mitre.oval:def:1185",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
        },
        {
          "name": "oval:org.mitre.oval:def:714",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
        },
        {
          "name": "oval:org.mitre.oval:def:1462",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
        },
        {
          "name": "1015459",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015459"
        },
        {
          "name": "18311",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18311"
        },
        {
          "name": "oval:org.mitre.oval:def:1126",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
        },
        {
          "name": "18365",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18365"
        },
        {
          "name": "oval:org.mitre.oval:def:1491",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
        },
        {
          "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
        },
        {
          "name": "16194",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16194"
        },
        {
          "name": "TA06-010A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0010",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
            },
            {
              "name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525",
              "refsource": "MISC",
              "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
            },
            {
              "name": "VU#915930",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/915930"
            },
            {
              "name": "EEYEB20050801",
              "refsource": "EEYE",
              "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
            },
            {
              "name": "18829",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/18829"
            },
            {
              "name": "ADV-2006-0118",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0118"
            },
            {
              "name": "18391",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18391"
            },
            {
              "name": "MS06-002",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
            },
            {
              "name": "win-embedded-fonts-bo(23922)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
            },
            {
              "name": "oval:org.mitre.oval:def:698",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
            },
            {
              "name": "oval:org.mitre.oval:def:1185",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
            },
            {
              "name": "oval:org.mitre.oval:def:714",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
            },
            {
              "name": "oval:org.mitre.oval:def:1462",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
            },
            {
              "name": "1015459",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015459"
            },
            {
              "name": "18311",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18311"
            },
            {
              "name": "oval:org.mitre.oval:def:1126",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
            },
            {
              "name": "18365",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18365"
            },
            {
              "name": "oval:org.mitre.oval:def:1491",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
            },
            {
              "name": "20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
            },
            {
              "name": "16194",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16194"
            },
            {
              "name": "TA06-010A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0010",
    "datePublished": "2006-01-10T22:00:00",
    "dateReserved": "2005-11-09T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.632Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0020 (GCVE-0-2006-0020)

Vulnerability from cvelistv5 – Published: 2006-01-10 21:00 – Updated: 2024-08-07 16:18

Summary

An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.osvdb.org/22976	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/18912	third-party-advisoryx_refsource_SECUNIA
	http://linuxbox.org/pipermail/funsec/2006-January…	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/18729	third-party-advisoryx_refsource_SECUNIA
	http://www.microsoft.com/technet/security/advisor…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/312956	third-party-advisoryx_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2006/0469	vdb-entryx_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA06-045A.html	third-party-advisoryx_refsource_CERT
	http://www.securityfocus.com/bid/16516	vdb-entryx_refsource_BID
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1638",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638"
          },
          {
            "name": "22976",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22976"
          },
          {
            "name": "18912",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18912"
          },
          {
            "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html"
          },
          {
            "name": "18729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18729"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx"
          },
          {
            "name": "VU#312956",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/312956"
          },
          {
            "name": "ADV-2006-0469",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0469"
          },
          {
            "name": "TA06-045A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
          },
          {
            "name": "16516",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16516"
          },
          {
            "name": "MS06-004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka \"WMF Image Parsing Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1638",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638"
        },
        {
          "name": "22976",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22976"
        },
        {
          "name": "18912",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18912"
        },
        {
          "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html"
        },
        {
          "name": "18729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18729"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx"
        },
        {
          "name": "VU#312956",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/312956"
        },
        {
          "name": "ADV-2006-0469",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0469"
        },
        {
          "name": "TA06-045A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
        },
        {
          "name": "16516",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16516"
        },
        {
          "name": "MS06-004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka \"WMF Image Parsing Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1638",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1638"
            },
            {
              "name": "22976",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22976"
            },
            {
              "name": "18912",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18912"
            },
            {
              "name": "[funsec] 20060110 Another WMF flaw without a Microsoft patch",
              "refsource": "MLIST",
              "url": "http://linuxbox.org/pipermail/funsec/2006-January/002828.html"
            },
            {
              "name": "18729",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18729"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/913333.mspx",
              "refsource": "CONFIRM",
              "url": "http://www.microsoft.com/technet/security/advisory/913333.mspx"
            },
            {
              "name": "VU#312956",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/312956"
            },
            {
              "name": "ADV-2006-0469",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0469"
            },
            {
              "name": "TA06-045A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-045A.html"
            },
            {
              "name": "16516",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16516"
            },
            {
              "name": "MS06-004",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-004"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0020",
    "datePublished": "2006-01-10T21:00:00",
    "dateReserved": "2005-11-30T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0143 (GCVE-0-2006-0143)

Vulnerability from cvelistv5 – Published: 2006-01-09 20:00 – Updated: 2024-08-07 16:25

Summary

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://securitytracker.com/id?1015453	vdb-entryx_refsource_SECTRACK
	http://lostmon.blogspot.com/2007/08/windows-exten…	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/16167	vdb-entryx_refsource_BID
	http://blogs.technet.com/msrc/archive/2006/01/09/…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/421258/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/421257/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2006/0115	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015453",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015453"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html"
          },
          {
            "name": "win-gre-wmf-dos(24044)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044"
          },
          {
            "name": "16167",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16167"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx"
          },
          {
            "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded"
          },
          {
            "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded"
          },
          {
            "name": "ADV-2006-0115",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0115"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015453",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015453"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html"
        },
        {
          "name": "win-gre-wmf-dos(24044)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044"
        },
        {
          "name": "16167",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16167"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx"
        },
        {
          "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded"
        },
        {
          "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded"
        },
        {
          "name": "ADV-2006-0115",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0115"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015453",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015453"
            },
            {
              "name": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html",
              "refsource": "MISC",
              "url": "http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html"
            },
            {
              "name": "win-gre-wmf-dos(24044)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24044"
            },
            {
              "name": "16167",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16167"
            },
            {
              "name": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx",
              "refsource": "CONFIRM",
              "url": "http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx"
            },
            {
              "name": "20060109 [UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/421258/100/0/threaded"
            },
            {
              "name": "20060107 Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/421257/100/0/threaded"
            },
            {
              "name": "ADV-2006-0115",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0115"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0143",
    "datePublished": "2006-01-09T20:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0058 (GCVE-0-2005-0058)

Vulnerability from cvelistv5 – Published: 2005-08-10 04:00 – Updated: 2024-08-07 20:57

Summary

Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/14518	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://securitytracker.com/id?1014639	vdb-entryx_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/16354/	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:41.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1297",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1297"
          },
          {
            "name": "oval:org.mitre.oval:def:100088",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100088"
          },
          {
            "name": "14518",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14518"
          },
          {
            "name": "oval:org.mitre.oval:def:1075",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1075"
          },
          {
            "name": "MS05-040",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040"
          },
          {
            "name": "1014639",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014639"
          },
          {
            "name": "oval:org.mitre.oval:def:100086",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100086"
          },
          {
            "name": "16354",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16354/"
          },
          {
            "name": "oval:org.mitre.oval:def:100084",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084"
          },
          {
            "name": "oval:org.mitre.oval:def:1213",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1213"
          },
          {
            "name": "oval:org.mitre.oval:def:100085",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-08-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1297",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1297"
        },
        {
          "name": "oval:org.mitre.oval:def:100088",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100088"
        },
        {
          "name": "14518",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14518"
        },
        {
          "name": "oval:org.mitre.oval:def:1075",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1075"
        },
        {
          "name": "MS05-040",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040"
        },
        {
          "name": "1014639",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014639"
        },
        {
          "name": "oval:org.mitre.oval:def:100086",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100086"
        },
        {
          "name": "16354",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16354/"
        },
        {
          "name": "oval:org.mitre.oval:def:100084",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084"
        },
        {
          "name": "oval:org.mitre.oval:def:1213",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1213"
        },
        {
          "name": "oval:org.mitre.oval:def:100085",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0058",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1297",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1297"
            },
            {
              "name": "oval:org.mitre.oval:def:100088",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100088"
            },
            {
              "name": "14518",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/14518"
            },
            {
              "name": "oval:org.mitre.oval:def:1075",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1075"
            },
            {
              "name": "MS05-040",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-040"
            },
            {
              "name": "1014639",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014639"
            },
            {
              "name": "oval:org.mitre.oval:def:100086",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100086"
            },
            {
              "name": "16354",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16354/"
            },
            {
              "name": "oval:org.mitre.oval:def:100084",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100084"
            },
            {
              "name": "oval:org.mitre.oval:def:1213",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1213"
            },
            {
              "name": "oval:org.mitre.oval:def:100085",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100085"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0058",
    "datePublished": "2005-08-10T04:00:00",
    "dateReserved": "2005-01-11T00:00:00",
    "dateUpdated": "2024-08-07T20:57:41.107Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-2388 (GCVE-0-2005-2388)

Vulnerability from cvelistv5 – Published: 2005-07-27 04:00 – Updated: 2024-08-07 22:22

Summary

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.eweek.com/article2/0%2C1759%2C1840131%…	x_refsource_MISC
	http://securitytracker.com/id?1014566	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/16210	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.osvdb.org/18493	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/14376	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:22:49.141Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp"
          },
          {
            "name": "1014566",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014566"
          },
          {
            "name": "16210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16210"
          },
          {
            "name": "windows-usb-device-bo(21539)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539"
          },
          {
            "name": "18493",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/18493"
          },
          {
            "name": "14376",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14376"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-07-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eweek.com/article2/0%2C1759%2C1840131%2C00.asp"
        },
        {
          "name": "1014566",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014566"
        },
        {
          "name": "16210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16210"
        },
        {
          "name": "windows-usb-device-bo(21539)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539"
        },
        {
          "name": "18493",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/18493"
        },
        {
          "name": "14376",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14376"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2388",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.eweek.com/article2/0,1759,1840131,00.asp",
              "refsource": "MISC",
              "url": "http://www.eweek.com/article2/0,1759,1840131,00.asp"
            },
            {
              "name": "1014566",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014566"
            },
            {
              "name": "16210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16210"
            },
            {
              "name": "windows-usb-device-bo(21539)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21539"
            },
            {
              "name": "18493",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/18493"
            },
            {
              "name": "14376",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/14376"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2388",
    "datePublished": "2005-07-27T04:00:00",
    "dateReserved": "2005-07-27T00:00:00",
    "dateUpdated": "2024-08-07T22:22:49.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2001-1552 (GCVE-0-2001-1552)

Vulnerability from cvelistv5 – Published: 2005-07-14 04:00 – Updated: 2024-08-08 04:58

Summary

ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.iss.net/security_center/static/7318.php	vdb-entryx_refsource_XF
	http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/3442	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:58:11.386Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "winme-ssdp-dos(7318)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/7318.php"
          },
          {
            "name": "20011017 Ssdpsrv.exe in WindowsME",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0133.html"
          },
          {
            "name": "3442",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3442"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-10-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message.  NOTE: multiple replies to the original post state that the problem could not be reproduced."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-04T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "winme-ssdp-dos(7318)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/7318.php"
        },
        {
          "name": "20011017 Ssdpsrv.exe in WindowsME",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0133.html"
        },
        {
          "name": "3442",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3442"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1552",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message.  NOTE: multiple replies to the original post state that the problem could not be reproduced."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "winme-ssdp-dos(7318)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/7318.php"
            },
            {
              "name": "20011017 Ssdpsrv.exe in WindowsME",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0133.html"
            },
            {
              "name": "3442",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3442"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1552",
    "datePublished": "2005-07-14T04:00:00",
    "dateReserved": "2005-07-14T00:00:00",
    "dateUpdated": "2024-08-08T04:58:11.386Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1212 (GCVE-0-2005-1212)

Vulnerability from cvelistv5 – Published: 2005-06-14 04:00 – Updated: 2024-08-07 21:44

Summary

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	http://www.securityfocus.com/bid/13944	vdb-entryx_refsource_BID
	http://idefense.com/application/poi/display?id=26…	third-party-advisoryx_refsource_IDEFENSE
	http://secunia.com/advisories/15669/	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1014194	vdb-entryx_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:05.428Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13944",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13944"
          },
          {
            "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "name": "15669",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15669/"
          },
          {
            "name": "1014194",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014194"
          },
          {
            "name": "MS05-031",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031"
          },
          {
            "name": "oval:org.mitre.oval:def:1224",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "13944",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13944"
        },
        {
          "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true"
        },
        {
          "name": "15669",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15669/"
        },
        {
          "name": "1014194",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014194"
        },
        {
          "name": "MS05-031",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031"
        },
        {
          "name": "oval:org.mitre.oval:def:1224",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2005-1212",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13944",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13944"
            },
            {
              "name": "20050614 Microsoft Windows Interactive Training Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://idefense.com/application/poi/display?id=262\u0026type=vulnerabilities\u0026flashstatus=true"
            },
            {
              "name": "15669",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15669/"
            },
            {
              "name": "1014194",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014194"
            },
            {
              "name": "MS05-031",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-031"
            },
            {
              "name": "oval:org.mitre.oval:def:1224",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1224"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2005-1212",
    "datePublished": "2005-06-14T04:00:00",
    "dateReserved": "2005-04-22T00:00:00",
    "dateUpdated": "2024-08-07T21:44:05.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1214 (GCVE-0-2005-1214)

Vulnerability from cvelistv5 – Published: 2005-06-14 04:00 – Updated: 2024-08-07 21:44

Summary

Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securityfocus.com/bid/13948	vdb-entryx_refsource_BID
	http://secunia.com/advisories/15689	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:06.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:682",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A682"
          },
          {
            "name": "MS05-032",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-032"
          },
          {
            "name": "13948",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13948"
          },
          {
            "name": "15689",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15689"
          },
          {
            "name": "oval:org.mitre.oval:def:906",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A906"
          },
          {
            "name": "oval:org.mitre.oval:def:1194",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1194"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:682",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A682"
        },
        {
          "name": "MS05-032",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-032"
        },
        {
          "name": "13948",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13948"
        },
        {
          "name": "15689",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15689"
        },
        {
          "name": "oval:org.mitre.oval:def:906",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A906"
        },
        {
          "name": "oval:org.mitre.oval:def:1194",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1194"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2005-1214",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:682",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A682"
            },
            {
              "name": "MS05-032",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-032"
            },
            {
              "name": "13948",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13948"
            },
            {
              "name": "15689",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15689"
            },
            {
              "name": "oval:org.mitre.oval:def:906",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A906"
            },
            {
              "name": "oval:org.mitre.oval:def:1194",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1194"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2005-1214",
    "datePublished": "2005-06-14T04:00:00",
    "dateReserved": "2005-04-22T00:00:00",
    "dateUpdated": "2024-08-07T21:44:06.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

116 vulnerabilities found for windows_me by microsoft

CVE-2006-1313 (GCVE-0-2006-1313)

CVE-2006-2376 (GCVE-0-2006-2376)

CVE-2006-0012 (GCVE-0-2006-0012)

CVE-2006-0006 (GCVE-0-2006-0006)

CVE-2006-0010 (GCVE-0-2006-0010)

CVE-2006-0020 (GCVE-0-2006-0020)

CVE-2006-0143 (GCVE-0-2006-0143)

CVE-2005-0058 (GCVE-0-2005-0058)

CVE-2005-2388 (GCVE-0-2005-2388)

CVE-2005-1212 (GCVE-0-2005-1212)

CVE-2005-1214 (GCVE-0-2005-1214)

CVE-2005-1191 (GCVE-0-2005-1191)

CVE-2005-0057 (GCVE-0-2005-0057)

CVE-2005-0053 (GCVE-0-2005-0053)

CVE-2005-0044 (GCVE-0-2005-0044)

CVE-2005-0063 (GCVE-0-2005-0063)

CVE-2005-0061 (GCVE-0-2005-0061)

CVE-2005-0060 (GCVE-0-2005-0060)

CVE-2006-1313 (GCVE-0-2006-1313)

CVE-2006-2376 (GCVE-0-2006-2376)

CVE-2006-0012 (GCVE-0-2006-0012)

CVE-2006-0006 (GCVE-0-2006-0006)

CVE-2006-0010 (GCVE-0-2006-0010)

CVE-2006-0020 (GCVE-0-2006-0020)

CVE-2006-0143 (GCVE-0-2006-0143)

CVE-2005-0058 (GCVE-0-2005-0058)

CVE-2005-2388 (GCVE-0-2005-2388)

CVE-2001-1552 (GCVE-0-2001-1552)

CVE-2005-1212 (GCVE-0-2005-1212)

CVE-2005-1214 (GCVE-0-2005-1214)