Creditee: Cesar Cerrudo

Known Contact Information:

  • (as of 2003-04-30)

Known Affiliations:

Disclosed Vulnerabilities (20):

Disc. DateOSVDB IDCVEIDTitle
2011-02-23 71017 2011-0037 Microsoft Malware Protection Engine (MMPE) Crafted Registry Key Local Privilege Escalation
2010-12-14 69824 2010-3961 Microsoft Windows Consent User Interface Local Privilege Escalation
2010-08-10 66977 2010-2554 Microsoft Windows Tracing Feature for Services Registry Key ACL Local Privilege Escalation
2010-08-10 66978 2010-2555 Microsoft Windows Tracing Feature for Services Registry String Handling Memory Corruption Local Privilege Escalation
2010-08-10 67083 2010-1886 Microsoft Windows TAPI Server (TAPISRV) Service Isolation Bypass Local Privilege Escalation
2009-04-14 53666 2009-0078 Microsoft Windows Management Instrumentation (WMI) Service Isolation Local Privilege Escalation
2009-04-14 53667 2009-0079 Microsoft Windows RPCSS Service Isolation Local Privilege Escalation
2009-04-14 53668 2009-0080 Microsoft Windows ThreadPool ACL Enforcement Weakness Local Privilege Escalation
2008-04-27 44580 2008-1436 Microsoft Windows Microsoft Distributed Transaction Coordinator (MSDTC) SeImpersonatePrivilege User Right Local Privilege Escalation
2006-11-06 30214 2006-5758 Microsoft Windows GDI Kernel Structure Modification Code Execution
2005-10-11 19902 2005-1978 Microsoft Windows COM+ Remote Code Execution
2004-12-14 12372 2004-0893 Microsoft Windows Kernel Application Launch Local Privilege Escalation
2004-12-14 12376 2004-0894 Microsoft Windows LSASS Identity Token Validation Local Privilege Escalation
2004-09-09 9817 2004-0638 Oracle Database Server dbms_system.ksdwrt() Function Remote Overflow
2004-07-13 7792 2004-0213 Microsoft Windows 2000 Utility Manager Privilege Escalation
2004-05-05 5993 Microsoft Active Server Pages (ASP) Engine Malformed Cookie Handling Remote Information Disclosure
2004-04-13 5254 2003-0908 Microsoft Windows Utility Manager Privilege Escalation
2003-06-02 61525 Microsoft Commerce Server ADMINDBPS Registry Key Encoded Password Local Disclosure
2003-04-30 10104 2003-0118 Microsoft BizTalk Server DTA RawCustomSearchField.asp SQL Injection
2003-04-30 13406 2003-0117 Microsoft BizTalk Server BizTalkHTTPReceive.dll ISAPI Overflow

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use