Vulnerabilities > Microsoft > Windows Vista

DATE CVE VULNERABILITY TITLE RISK
2020-02-20 CVE-2012-5364 Resource Exhaustion vulnerability in Microsoft products
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
network
low complexity
microsoft CWE-400
7.8
2020-02-20 CVE-2012-5362 Resource Exhaustion vulnerability in Microsoft products
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.
network
low complexity
microsoft CWE-400
7.8
2019-05-16 CVE-2019-0708 USE After Free vulnerability in Microsoft products
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-416
critical
10.0
2018-04-26 CVE-2017-14010 Uncontrolled Search Path Element vulnerability in Spidercontrol Scada Microbrowser 1.6.30.144
In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path.
6.8
2018-02-26 CVE-2018-7250 Information Exposure vulnerability in multiple products
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc.
local
low complexity
microsoft tivo CWE-200
2.1
2018-02-26 CVE-2018-7249 USE After Free vulnerability in multiple products
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc.
6.9
2017-04-12 CVE-2017-0199 Remote Code Execution vulnerability in Microsoft Office OLE Feature
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."
network
microsoft
critical
9.3
2017-04-12 CVE-2017-0192 Information Exposure vulnerability in Microsoft products
The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive information via a specially crafted document or an untrusted website, aka "ATMFD.dll Information Disclosure Vulnerability."
network
microsoft CWE-200
4.3
2017-04-12 CVE-2017-0166 Incorrect Calculation of Buffer Size vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated.
network
microsoft CWE-131
critical
9.3
2017-04-12 CVE-2017-0158 Scripting Engine Remote Memory Corruption vulnerability in Microsoft Internet Explorer
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."
network
high complexity
microsoft
7.6