Vulnerabilities > Microsoft > Windows XP > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-01 | CVE-2006-0488 | Denial-Of-Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm. | 2.1 |
| 2005-12-31 | CVE-2005-4696 | Information Disclosure vulnerability in Microsoft Windows Wireless Zero Configuration Service The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network. | 2.1 |
| 2005-12-31 | CVE-2005-4697 | Information Disclosure vulnerability in Microsoft Windows Wireless Zero Configuration Service The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll. | 2.1 |
| 2005-10-21 | CVE-2005-2126 | Unspecified vulnerability in Microsoft products The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames. | 2.6 |
| 2005-09-01 | CVE-2005-2765 | Local Security vulnerability in Microsoft Windows 2003 Server and Windows XP The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. | 2.1 |
| 2005-08-10 | CVE-2005-1982 | Man In The Middle vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used. | 3.6 |
| 2005-05-02 | CVE-2005-0550 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability". | 2.1 |
| 2005-05-02 | CVE-2005-0852 | Local Denial Of Service vulnerability in Microsoft Windows Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3. | 2.1 |
| 2005-05-02 | CVE-2005-0904 | Improper Input Validation vulnerability in Microsoft Windows XP Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe. | 2.1 |
| 2004-12-31 | CVE-2004-2365 | Denial-Of-Service vulnerability in Microsoft Windows 2003 Server and Windows XP Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount. | 2.1 |