Lucene search

K
MicrosoftWindows 2000

515 matches found

CVE
CVE
added 2001/07/27 4:0 a.m.58 views

CVE-2001-0350

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of th...

4.6CVSS7.1AI score0.00423EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.58 views

CVE-2002-0054

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.

7.5CVSS6.8AI score0.08243EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.58 views

CVE-2002-1700

Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.

4.3CVSS6.4AI score0.30367EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.58 views

CVE-2004-1319

The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstra...

5CVSS6.6AI score0.34428EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.58 views

CVE-2005-0803

The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability."

5CVSS6.5AI score0.76305EPSS
CVE
CVE
added 2005/10/12 1:4 p.m.58 views

CVE-2005-1978

COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.

7.5CVSS7.2AI score0.44216EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.58 views

CVE-2008-1084

Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is...

7.2CVSS6.8AI score0.11557EPSS
CVE
CVE
added 2009/07/29 5:30 p.m.58 views

CVE-2009-1919

Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted obj...

9.3CVSS7.5AI score0.60976EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.58 views

CVE-2009-2530

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulne...

9.3CVSS7.2AI score0.42147EPSS
CVE
CVE
added 2010/02/10 6:30 p.m.58 views

CVE-2010-0016

The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted response, aka "SMB Client Pool Corruption Vulnerabilit...

9.3CVSS7.4AI score0.44297EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.57 views

CVE-1999-0721

Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.

7.8CVSS7AI score0.19454EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.57 views

CVE-2000-0305

Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.

7.8CVSS6.7AI score0.30689EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.57 views

CVE-2001-0341

Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.

7.5CVSS7.6AI score0.1396EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.57 views

CVE-2001-0347

Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid.

7.5CVSS6.5AI score0.13659EPSS
CVE
CVE
added 2002/10/10 4:0 a.m.57 views

CVE-2002-0693

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script co...

7.5CVSS7.2AI score0.53821EPSS
CVE
CVE
added 2004/06/01 4:0 a.m.57 views

CVE-2003-0663

Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.

5CVSS7.2AI score0.28851EPSS
CVE
CVE
added 2003/11/17 5:0 a.m.57 views

CVE-2003-0711

Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.

7.5CVSS8.1AI score0.47787EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.57 views

CVE-2004-0894

LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.

7.2CVSS6.5AI score0.01951EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.57 views

CVE-2004-1305

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or ...

5CVSS6.5AI score0.77406EPSS
CVE
CVE
added 2006/11/14 10:7 p.m.57 views

CVE-2006-4688

Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability."

7.5CVSS7.7AI score0.82631EPSS
CVE
CVE
added 2009/06/10 6:30 p.m.57 views

CVE-2009-1126

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate the user-mode input associated with the editing of an unspecified desktop parameter, which allows local users to gain privileges via a crafted application, aka "Windows Desktop Parameter Edit Vu...

7.2CVSS6.3AI score0.00627EPSS
CVE
CVE
added 2010/03/31 7:30 p.m.57 views

CVE-2010-0489

Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."

9.3CVSS7.3AI score0.32817EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.56 views

CVE-2001-1517

RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying tha...

2.1CVSS6.9AI score0.02266EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.56 views

CVE-2001-1560

Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.

2.1CVSS6.6AI score0.00308EPSS
CVE
CVE
added 2002/12/23 5:0 a.m.56 views

CVE-2002-1258

Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.

5CVSS6.8AI score0.01796EPSS
CVE
CVE
added 2003/03/24 5:0 a.m.56 views

CVE-2003-0010

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based bu...

7.5CVSS7.9AI score0.18896EPSS
CVE
CVE
added 2003/08/18 4:0 a.m.56 views

CVE-2003-0496

Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.

7.2CVSS6.4AI score0.00934EPSS
CVE
CVE
added 2004/11/03 5:0 a.m.56 views

CVE-2004-0207

"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs...

2.1CVSS6.5AI score0.01588EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.56 views

CVE-2005-0058

Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.

7.5CVSS7.4AI score0.22011EPSS
CVE
CVE
added 2007/09/12 1:17 a.m.56 views

CVE-2007-3040

Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different iss...

9.3CVSS7.6AI score0.61977EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.56 views

CVE-2008-3008

Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."

9.3CVSS7.6AI score0.79517EPSS
Web
CVE
CVE
added 2008/12/10 2:0 p.m.56 views

CVE-2008-3465

Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, whic...

9.8CVSS7.8AI score0.41365EPSS
CVE
CVE
added 2009/12/09 6:30 p.m.56 views

CVE-2009-2506

Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in...

9.3CVSS7.6AI score0.71709EPSS
CVE
CVE
added 2001/07/27 4:0 a.m.55 views

CVE-2001-0349

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of thi...

7.2CVSS7.1AI score0.03108EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.55 views

CVE-2002-0070

Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.

7.6CVSS7.7AI score0.26114EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.55 views

CVE-2002-0694

The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execut...

7.5CVSS7.5AI score0.28961EPSS
CVE
CVE
added 2003/11/17 5:0 a.m.55 views

CVE-2003-0659

Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.

7.2CVSS7.3AI score0.03659EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.55 views

CVE-2004-0893

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

7.2CVSS6.6AI score0.01018EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.55 views

CVE-2005-0048

Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability."

7.5CVSS7.6AI score0.54851EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.55 views

CVE-2005-0550

Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".

2.1CVSS6.4AI score0.00988EPSS
CVE
CVE
added 2005/10/12 1:4 p.m.55 views

CVE-2005-1980

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed ...

5CVSS6.4AI score0.68138EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.55 views

CVE-2008-0087

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

8.8CVSS6.8AI score0.58949EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.55 views

CVE-2008-1083

Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, ...

9.3CVSS7.7AI score0.62174EPSS
CVE
CVE
added 2008/08/13 12:42 p.m.55 views

CVE-2008-1457

The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate per-user subscriptions, which allows remote authenticated users to execute arbitrary code via a crafted event subscription request.

9CVSS7AI score0.51518EPSS
CVE
CVE
added 2008/10/15 12:12 a.m.55 views

CVE-2008-3479

Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing S...

10CVSS7.9AI score0.65924EPSS
Web
CVE
CVE
added 2008/10/15 12:12 a.m.55 views

CVE-2008-4023

Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability."

10CVSS7.4AI score0.62764EPSS
CVE
CVE
added 2008/11/17 11:30 p.m.55 views

CVE-2008-5112

The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitted to login, which allows remote attackers to enumerate valid usernames via a series of LDAP bind re...

5CVSS6.5AI score0.32143EPSS
CVE
CVE
added 2009/03/11 2:19 p.m.55 views

CVE-2009-0094

The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the (1) "wpad" and (2) "isatap" NetBIOS names, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) and Intra-Site Automatic Tunnel Addressing Protocol (ISATA...

5.5CVSS6.1AI score0.5338EPSS
CVE
CVE
added 2009/07/15 3:30 p.m.55 views

CVE-2009-0231

The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncatio...

9.3CVSS8.7AI score0.71385EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.55 views

CVE-2009-1547

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."

9.3CVSS7.1AI score0.37945EPSS
Web
Total number of security vulnerabilities515