Vulnerabilities > Microsoft > Windows NT > 2008
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-12 | CVE-2008-1444 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability." | 9.3 |
| 2008-06-12 | CVE-2008-0011 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability." | 9.3 |
| 2008-04-08 | CVE-2008-1087 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability." | 9.3 |
| 2008-04-08 | CVE-2008-1086 | Code Injection vulnerability in Microsoft products The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption. | 9.3 |