Vulnerabilities > Microsoft > Windows ME > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0057 | Buffer Overflow vulnerability in Microsoft Windows Hyperlink Object Library The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow. | 7.5 |
| 2005-05-02 | CVE-2005-0053 | Unspecified vulnerability in Microsoft products Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." | 7.5 |
| 2005-05-02 | CVE-2005-0044 | Unspecified vulnerability in Microsoft products The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." | 7.5 |
| 2005-04-27 | CVE-2005-0416 | Buffer Overflow vulnerability in Microsoft Windows User32.DLL ANI File Header Handling Stack-Based The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. | 7.5 |
| 2004-07-27 | CVE-2003-1048 | Double Free vulnerability in Microsoft products Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. | 7.8 |
| 2004-06-01 | CVE-2004-0123 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
| 2004-06-01 | CVE-2004-0117 | Unspecified vulnerability in Microsoft products Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | 7.5 |
| 2004-06-01 | CVE-2003-0719 | Unspecified vulnerability in Microsoft products Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | 7.5 |
| 2004-06-01 | CVE-2003-0533 | Buffer Overrun vulnerability in Microsoft Windows LSASS Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | 7.5 |
| 2003-11-17 | CVE-2003-0717 | Buffer Overrun vulnerability in Microsoft Windows Messenger Service The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 7.5 |