
5/22/12

Microsoft Windows Xp : List of security vulnerabilities



Microsoft Windows Xp : Security Vulnerabilities Published In 2011



Total number of vulnerabilities : 101   Page : 1 2 (This Page) 3

Columns: # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Confidentiality | Integrity | Availability

51 | CVE-2011-1239 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

52 | CVE-2011-1238 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

53 | CVE-2011-1237 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

54 | CVE-2011-1236 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

55 | CVE-2011-1235 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

56 | CVE-2011-1234 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

57 | CVE-2011-1233 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

58 | CVE-2011-1232 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

59 | CVE-2011-1231 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

60 | CVE-2011-1230 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

www.cvedetails.com/vulnerability-list.php?vendor_id=26&product_id=739&version_id=&page=2&hase

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

61 | CVE-2011-1229 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete


win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

62 | CVE-2011-1228 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

63 | CVE-2011-1227 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

64 | CVE-2011-1226 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

65 | CVE-2011-1225 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

66 | CVE-2011-0677 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

67 | CVE-2011-0676 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."

68 | CVE-2011-0675 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

69 | CVE-2011-0674 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

70 | CVE-2011-0673 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k Null Pointer De-reference Vulnerability."

71 | CVE-2011-0672 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

72 | CVE-2011-0671 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

73 | CVE-2011-0670 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete



Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

74 | CVE-2011-0667 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

75 | CVE-2011-0666 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

76 | CVE-2011-0665 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

77 | CVE-2011-0662 | CWE-399 | Type: +Priv | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."

78 | CVE-2011-0661 | CWE-20 | Type: Exec Code | Published 2011-04-13 | Updated 2011-10-04 | CVSS 10.0 | Gained access: None | Access: Remote | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a malformed request in a (1) SMBv1 or (2) SMBv2 packet, aka "SMB Transaction Parsing Vulnerability."

79 | CVE-2011-0660 | CWE-20 | Type: Exec Code | Published 2011-04-13 | Updated 2011-10-04 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability."

80 | CVE-2011-0658 | CWE-189 | Type: Exec Code | Published 2011-06-16 | Updated 2011-07-18 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted WMF file, aka "OLE Automation Underflow Vulnerability."

81 | CVE-2011-0657 | CWE-20 | Type: Exec Code | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.5 | Gained access: None | Access: Remote | Complexity: Low | Authentication: Not required | Confidentiality: Partial | Integrity: Partial | Availability: Partial

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a crafted LLMNR broadcast query or (2) a crafted application, aka "DNS Query Vulnerability."

82 | CVE-2011-0096 | CWE-79 | Exploits: 1 | Type: XSS | Published 2011-01-31 | Updated 2011-10-04 | CVSS 4.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: None | Integrity: Partial | Availability: None

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability."

83 | CVE-2011-0090 | CWE-20 | Type: +Priv Mem. Corr. | Published 2011-02-08 | Updated 2011-07-18 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

84 | CVE-2011-0089 | CWE-20 | Type: +Priv | Published 2011-02-08 | Updated 2011-07-18 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Improper Pointer Validation Vulnerability."

85 | CVE-2011-0088 | CWE-20 | Type: +Priv | Published 2011-02-08 | Updated 2011-07-18 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Pointer Confusion Vulnerability."

86 | CVE-2011-0087 | CWE-20 | Type: +Priv | Published 2011-02-08 | Updated 2011-07-18 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validation Vulnerability."

87 | CVE-2011-0086 | CWE-20 | Type: +Priv | Published 2011-02-08 | Updated 2011-07-18 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete


win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Improper User Input Validation Vulnerability."

88 | CVE-2011-0045 | CWE-119 | Type: Overflow +Priv | Published 2011-02-08 | Updated 2011-09-21 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability."

89 | CVE-2011-0043 | CWE-310 | Type: +Priv | Published 2011-02-10 | Updated 2011-07-18 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."

90 | CVE-2011-0042 | CWE-20 | Type: Exec Code | Published 2011-03-09 | Updated 2011-10-04 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DVR-MS Vulnerability."

91 | CVE-2011-0041 | CWE-189 | Type: Exec Code Overflow | Published 2011-04-13 | Updated 2011-10-04 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability."

92 | CVE-2011-0039 | CWE-287 | Type: +Priv | Published 2011-02-08 | Updated 2011-07-18 | CVSS 7.2 | Gained access: None | Access: Local | Complexity: Low | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LSASS Length Validation Vulnerability."

93 | CVE-2011-0034 | CWE-119 | Type: Exec Code Overflow | Published 2011-04-13 | Updated 2011-10-04 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted parameter values in an OpenType font, aka "OpenType Font Stack Overflow Vulnerability."

94 | CVE-2011-0033 | CWE-20 | Type: Exec Code | Published 2011-02-10 | Updated 2011-07-18 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted font, aka "OpenType Font Encoded Character Vulnerability."

95 | CVE-2011-0030 | CWE-264 | Type: +Priv +Info | Published 2011-02-08 | Updated 2011-07-18 | CVSS 6.9 | Gained access: None | Access: Local | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Elevation of Privilege Vulnerability," a different vulnerability than CVE-2010-0023.

96 | CVE-2011-0029 | Type: +Priv | Published 2011-03-09 | Updated 2011-10-04 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability."

97 | CVE-2011-0028 | CWE-94 | Type: Exec Code | Published 2011-04-13 | Updated 2011-10-04 | CVSS 9.3 | Gained access: None | Access: Remote | Complexity: Medium | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Word documents, which allows remote attackers to execute arbitrary code via a crafted .doc file, aka "WordPad Converter Parsing Vulnerability."

98 | CVE-2010-4701 | CWE-119 | Exploits: 1 | Type: Exec Code Overflow | Published 2011-01-20 | Updated 2011-10-04 | CVSS 7.6 | Gained access: None | Access: Remote | Complexity: High | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete

Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information.

99 | CVE-2010-4669 | CWE-399 | Type: DoS | Published 2011-01-07 | Updated 2011-01-19 | CVSS 7.8 | Gained access: None | Access: Remote | Complexity: Low | Authentication: Not required | Confidentiality: None | Integrity: None | Availability: Complete

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package.

100 | CVE-2010-3974 | CWE-119 | Type: Exec Code Overflow Mem. Corr. | Published 2011-04-13 | Updated 2011-10-04 | CVSS 7.6 | Gained access: None | Access: Remote | Complexity: High | Authentication: Not required | Confidentiality: Complete | Integrity: Complete | Availability: Complete



fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse FAX cover pages, which allows remote attackers to execute arbitrary code via a crafted .cov file, aka "Fax Cover Page Editor Memory Corruption Vulnerability."

CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.
