Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows-nt
Subscriptions
Total
30 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2253 | 1 Microsoft | 3 Windows-nt, Windows Media Player, Windows Xp | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability." | ||||
| CVE-2008-3008 | 1 Microsoft | 5 Windows-nt, Windows 2000, Windows 2003 Server and 2 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability." | ||||
| CVE-2008-3014 | 1 Microsoft | 14 Digital Image Suite, Forefront Client Security, Internet Explorer and 11 more | 2025-04-09 | N/A |
| Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability." | ||||
| CVE-2008-3614 | 2 Apple, Microsoft | 4 Quicktime, Windows-nt, Windows Vista and 1 more | 2025-04-09 | N/A |
| Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, which triggers heap corruption. | ||||
| CVE-2008-3624 | 2 Apple, Microsoft | 5 Mac Os X, Quicktime, Windows-nt and 2 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted panorama atoms. | ||||
| CVE-2008-3629 | 2 Apple, Microsoft | 6 Mac Os X, Mac Os X Server, Quicktime and 3 more | 2025-04-09 | N/A |
| Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read. | ||||
| CVE-2008-3842 | 1 Microsoft | 5 .net Framework, Windows-nt, Windows 2000 and 2 more | 2025-04-09 | N/A |
| Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "</" (less-than slash) sequence. | ||||
| CVE-2008-3365 | 2 Microsoft, Pixelpost | 7 Windows, Windows-nt, Windows 2000 and 4 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter. | ||||
| CVE-2008-1086 | 1 Microsoft | 6 Internet Explorer, Windows-nt, Windows 2000 and 3 more | 2025-04-09 | N/A |
| The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption. | ||||
| CVE-2006-0005 | 1 Microsoft | 7 Windows-nt, Windows 2000, Windows 2000 Advanced Server and 4 more | 2025-04-03 | N/A |
| Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute. | ||||