Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows 2000*

461 matches found

CVE
CVEadded 2001/01/22 5:0 a.m.35 views

CVE-2000-1034

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.

10CVSS7.7AI score0.15431EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.35 views

CVE-2002-0720

A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.

7.2CVSS6.5AI score0.02284EPSS
CVE
CVEadded 2005/10/06 10:2 a.m.35 views

CVE-2005-3168

The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the t...

7.5CVSS6.6AI score0.0062EPSS
CVE
CVEadded 2005/10/06 10:2 a.m.35 views

CVE-2005-3169

Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized activ...

5CVSS6.9AI score0.13243EPSS
CVE
CVEadded 2005/10/06 10:2 a.m.35 views

CVE-2005-3172

The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable buffer overflow attac...

5CVSS7.5AI score0.11109EPSS
CVE
CVEadded 2005/10/06 10:2 a.m.34 views

CVE-2005-3176

Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.

7.5CVSS6.9AI score0.14828EPSS
CVE
CVEadded 2001/06/02 4:0 a.m.33 views

CVE-2001-0261

Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.

2.1CVSS6.6AI score0.01102EPSS
CVE
CVEadded 2005/02/20 5:0 a.m.33 views

CVE-2004-1649

Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.

7.2CVSS7.8AI score0.01505EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.31 views

CVE-1999-0582

A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.

5CVSS7.4AI score0.07541EPSS
CVE
CVEadded 2007/10/23 1:0 a.m.31 views

CVE-2003-1448

Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet.

7.8CVSS6.8AI score0.27388EPSS
CVE
CVEadded 2001/01/22 5:0 a.m.30 views

CVE-2000-0933

The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.

4.6CVSS6.8AI score0.02471EPSS
Total number of security vulnerabilities461