microsoft software vulnerabilities
vulnerabilities.aspcode.net
Searching microsoft software vulnerabilities
Microsoft Access 97 stores a database password
plaintext
|
Microsoft
|
password
|
allowing
|
database
|
foreign
|
Access
|
stores
|
data
|
mdb
|
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.
Modifications to ACLs (Access Control Lists) in
Modifications
|
ACLs
|
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.
Microsoft Java Virtual Machine allows remote at
getSystemResourceAsStream
|
attackers
|
Microsoft
|
function
|
Virtual
|
Machine
|
allows
|
remote
|
files
|
Java
|
read
|
via
|
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
The Microsoft Active Setup ActiveX component in
manufacturer
|
software's
|
components
|
component
|
Microsoft
|
prompting
|
attacker
|
software
|
Explorer
|
Internet
|
without
|
stating
|
ActiveX
|
install
|
remote
|
Active
|
allows
|
Setup
|
user
|
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.
The Microsoft Jet database engine allows an att
vulnerability
|
Microsoft
|
attacker
|
commands
|
database
|
execute
|
Shell"
|
engine
|
allows
|
query
|
"VBA
|
Jet
|
via
|
aka
|
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
The MSDTC (Microsoft Distributed Transaction Se
MSDTC
|
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input.
Buffer overflow in several Database Consistency
Consistency
|
Database
|
Checkers
|
overflow
|
several
|
Buffer
|
Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.
SQL injection vulnerability in stored procedure
vulnerability
|
procedures
|
Microsoft
|
injection
|
Server
|
stored
|
SQL
|
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.
Microsoft Exchange 2000, when used with Microso
Microsoft
|
Exchange
|
Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attackers to cause a denial of service (crash or memory consumption) via malformed MSRPC calls.
Microsoft Windows XP allows local users to prev
explorerexemanifest
|
Microsoft
|
prevent
|
booting
|
corrupt
|
Windows
|
allows
|
system
|
users
|
local
|
file
|
via
|
Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.
Microsoft Windows XP allows remote attackers to
attackers
|
Microsoft
|
service
|
Windows
|
denial
|
allows
|
remote
|
cause
|
Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP).
Unknown vulnerability in the SmartHTML interpre
vulnerability
|
interpreter
|
SmartHTML
|
Unknown
|
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.
The PerfectNav plugin for Microsoft Internet Ex
PerfectNav
|
Microsoft
|
attackers
|
Explorer
|
Internet
|
service
|
denial
|
allows
|
plugin
|
remote
|
cause
|
The PerfectNav plugin for Microsoft Internet Explorer allows remote attackers to cause a denial of service (browser crash) via a malformed URL such as "?".
Directory traversal vulnerability in Microsoft
vulnerability
|
attackers
|
sequences
|
overwrite
|
Microsoft
|
traversal
|
Directory
|
archive
|
cabarc
|
remote
|
allows
|
names
|
files
|
file
|
CAB
|
via
|
"/"
|
Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive.
Stack-based buffer overflow in Microsoft Word 2
Stack-based
|
Microsoft
|
overflow
|
buffer
|
Word
|
Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information.
The Microsoft Windows kernel in Microsoft Windo
Microsoft
|
Windows
|
kernel
|
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Microsoft Front Page allows attackers to cause
attackers
|
Microsoft
|
service
|
denial
|
allows
|
Front
|
cause
|
Page
|
Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.
Buffer overflow in a certain USB driver, as use
Microsoft
|
attackers
|
arbitrary
|
overflow
|
Windows
|
execute
|
certain
|
driver
|
Buffer
|
allows
|
used
|
code
|
USB
|
Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.
Firefox, when opening Microsoft Word documents,
applications
|
permissions
|
arbitrary
|
attackers
|
documents
|
Microsoft
|
properly
|
sections
|
Firefox
|
opening
|
allows
|
Office
|
remote
|
shared
|
write
|
which
|
data
|
open
|
Word
|
does
|
set
|
not
|
Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office.
Microsoft Word 2003 allows remote attackers to
Microsoft
|
Word
|
Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz.
Software vulnerabilities results 1 to 20 of 902
Page:
1
2
3
4
5
...
46
►