Vulnerabilities > Microsoft > Windows NT
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-07-08 | CVE-2008-1435 | Code Injection vulnerability in Microsoft Windows-Nt and Windows Vista Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability." | 9.3 |
| 2008-07-07 | CVE-2008-2430 | Numeric Errors vulnerability in Videolan VLC Media Player 0.8.6H Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file. | 9.3 |
| 2008-06-24 | CVE-2008-2427 | Buffer Errors vulnerability in Pagesperso-Orange GFL Sdk, Nconvert and Xnview Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file. | 9.3 |
| 2008-06-23 | CVE-2008-2821 | Path Traversal vulnerability in Glub Secure FTP Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | 9.3 |
| 2008-06-12 | CVE-2008-2674 | Arbitrary File Access vulnerability in Fujitsu Interstage Management Console Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors. | 6.4 |
| 2008-06-12 | CVE-2008-1453 | Improper Input Validation vulnerability in Microsoft Windows-Nt, Windows Vista and Windows XP The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets. | 8.3 |
| 2008-06-12 | CVE-2008-1445 | Improper Input Validation vulnerability in Microsoft Windows-Nt, Windows 2003 Server and Windows XP Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request. | 7.1 |
| 2008-06-12 | CVE-2008-1444 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability." | 9.3 |
| 2008-06-12 | CVE-2008-0011 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability." | 9.3 |
| 2008-05-13 | CVE-2008-2163 | Cross-Site Scripting vulnerability in IBM Lotus Quickr 8.1 Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to "WYSIWYG editors." | 4.3 |