Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_xp
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 743 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-11-17 | CVE-2005-3644 | PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120. | Windows_2000, Windows_xp | N/A | ||
| 2005-07-19 | CVE-2005-2307 | netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability." | Windows_2000, Windows_xp | N/A | ||
| 2005-10-21 | CVE-2005-2122 | Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-10-21 | CVE-2005-2118 | Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-08-10 | CVE-2005-1982 | Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-08-10 | CVE-2005-1218 | The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-06-14 | CVE-2005-1214 | Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. | Windows_2000, Windows_2000_terminal_services, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
| 2005-06-14 | CVE-2005-1212 | Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. | Windows_2000, Windows_2000_terminal_services, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
| 2005-05-02 | CVE-2005-1184 | The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated. | Windows_2000, Windows_2003_server, Windows_98se, Windows_nt, Windows_xp | N/A | ||
| 2005-05-02 | CVE-2005-0545 | Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. NOTE: this issue has been disputed in a followup post. | Windows_2000, Windows_xp | N/A |