Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows-nt
Total 31 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1453 1 Microsoft 3 Windows-nt, Windows Vista, Windows Xp 2018-10-12 8.3 HIGH N/A
The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.
CVE-2008-1087 1 Microsoft 5 Windows-nt, Windows 2000, Windows 2003 Server and 2 more 2018-10-12 9.3 HIGH N/A
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability."
CVE-2008-1435 1 Microsoft 2 Windows-nt, Windows Vista 2018-10-12 9.3 HIGH N/A
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
CVE-2008-1444 1 Microsoft 6 Directx, Windows-nt, Windows 2000 and 3 more 2018-10-12 9.3 HIGH N/A
Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability."
CVE-2008-1445 1 Microsoft 3 Windows-nt, Windows 2003 Server, Windows Xp 2018-10-12 7.1 HIGH N/A
Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request.
CVE-2008-0011 1 Microsoft 6 Directx, Windows-nt, Windows 2000 and 3 more 2018-10-12 9.3 HIGH N/A
Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability."
CVE-2008-3842 1 Microsoft 5 .net Framework, Windows-nt, Windows 2000 and 2 more 2018-10-11 4.3 MEDIUM N/A
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "</" (less-than slash) sequence.
CVE-2008-3365 2 Microsoft, Pixelpost 7 Windows, Windows-nt, Windows 2000 and 4 more 2018-10-11 6.8 MEDIUM N/A
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
CVE-2008-1931 2 Microsoft, Realtek 3 Windows-nt, Windows Vista, Hd Audio Codec Drivers 2018-10-11 6.8 MEDIUM N/A
Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request.
CVE-2008-1932 2 Microsoft, Realtek 3 Windows-nt, Windows Vista, Hd Audio Codec Drivers 2018-10-11 6.8 MEDIUM N/A
Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request.
CVE-2008-1471 2 Microsoft, Panda 6 Windows-nt, Windows 2000, Windows Vista and 3 more 2018-10-11 7.2 HIGH N/A
The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.