460 matches found
CVE-2007-6043
CVE-2007-6043 concerns the CryptGenRandom generator on Windows 2000, which produces predictable values. The description states this can let context-dependent attackers weaken cryptographic mechanisms, demonstrated via attacks on forward and backward security related to the use of eight RC4 instan...
CVE-2008-0088
Summary: CVE-2008-0088 describes a denial-of-service in Microsoft Active Directory and ADAM caused by improper validation of crafted LDAP requests. Affected components include Active Directory on Windows 2000 Server and Windows Server 2003, and ADAM on Windows XP/Server 2003. The underlying root ...
CVE-2008-1457
CVE-2008-1457 describes a remote code execution vulnerability in the Microsoft Windows Event System. The flaw occurs when creating per-user subscriptions, allowing an attacker with valid logon credentials to craft a subscription request that could run arbitrary code with system privileges. Affect...
CVE-2009-1127
Microsoft Windows kernel Win32k subsystem (Win32k.sys) contains multiple vulnerabilities disclosed under CVE-2009-1127, CVE-2009-2513, and CVE-2009-2514 (MS09-065). The common root cause across the entries is improper validation of arguments passed to kernel/system calls (and related GDI input ha...
CVE-2010-0023
CVE-2010-0023 affects the Client/Server Runtime Subsystem (CSRSS) on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The vulnerability stems from CSRSS not properly terminating processes after user logout, enabling a local attacker to gain privileges or access sensitive information via a craft...
CVE-2010-0491
CVE-2010-0491 is the IE HTML Object Memory Corruption vulnerability (Use-after-free) affecting Internet Explorer 5.01 SP4, 6, and 6 SP1. Exploitation requires crafting a page with an onreadystatechange handler to trigger arbitrary code execution; Microsoft documented this as part of MS10-018 and ...
CVE-2000-0834
CVE-2000-0834 : The Windows 2000 Telnet client defaults to NTLM authentication, enabling remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL pointing at a malicious server. The vulnerability affects the Windows 2000 Telnet client’s NTLM authentication behavior a...
CVE-2001-0347
The connected CERT/KB entry confirms a vulnerability in Microsoft Windows 2000 Telnet Service that permits remote authentication using domain accounts without specifying a domain name, by exploiting a wildcard domain search. The issue can lead to unauthorized domain-login or information leakage. ...
CVE-2002-0034
The CVE-2002-0034 issue concerns Microsoft CONVERT.EXE on Windows 2000/XP when converting FAT32 to NTFS. The vulnerability arises because default NTFS permissions are not applied during conversion, potentially producing a filesystem with less secure permissions than expected. Public sources (NVD/...
CVE-2003-0660
The CVE-2003-0660 issue is a vulnerability in the Authenticode verification mechanism used by Windows NT through Server 2003. Under low-memory conditions, an ActiveX control could be downloaded and installed without prompting the user, enabling remote code execution with the user’s privileges whe...
CVE-2005-3175
CVE-2005-3175 concerns Microsoft Windows 2000 before Update Rollup 1 for SP4. The vulnerability permits a local administrator to unlock a computer that was locked by a domain administrator, enabling the local administrator to access the domain session. Connected documents corroborate the affected...
CVE-2006-0006
CVE-2006-0006 is a heap-based buffer overflow in Windows Media Player’s bitmap processing. A crafted BMP can trigger an overflow when the file declares a size of 0, allowing remote code execution. Affected products/versions include Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on W...
CVE-2007-3028
CVE-2007-3028 describes a denial-of-service vulnerability in Windows 2000 Server SP4 where the LDAP service in Active Directory fails to properly validate the number of convertible attributes in client-sent LDAP requests. The linked materials indicate this is a separate issue from CVE-2007-0040, ...
CVE-2009-0082
CVE-2009-0082 is a Windows kernel local privilege-escalation vulnerability caused by improper validation of handles when performing certain actions. Affected systems include Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista (Gold/SP1), and Server 2008. An attacker with valid logon credenti...
CVE-2009-0243
CVE-2009-0243 describes a Windows Autorun/NoDriveTypeAutoRun enforcement vulnerability. The issue arises from improper validation of Autorun.inf and related registry keys, enabling arbitrary code execution when users insert media (CD/DVD/USB/Firewire) or perform actions like mapping a network dri...
CVE-2009-1924
The CVE-2009-1924 entry relates to an integer/heap overflow in Microsoft Windows WINS (NetBIOS name resolution). Affected product: Windows Server/Windows 2000 SP4 with WINS service. Vulnerability arises when processing crafted WINS replication packets, allowing remote code execution with SYSTEM p...
CVE-2009-2529
CVE-2009-2529 affects Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1, 7, and 8. The vulnerability arises from improper argument validation for unspecified variables in HTML component handling, enabling remote code execution via a crafted HTML document. Public information in connected KB ...
CVE-2001-0238
The CVE-2001-0238 entry concerns Microsoft Data Access Component Internet Publishing Provider (ID 8.103.2519.0 and earlier). The available connected documents describe that remote attackers can bypass Security Zone restrictions through WebDAV requests. The root cause details are not explicitly st...
CVE-2001-0324
The vulnerability (CVE-2001-0324) affects Windows 98 and Windows 2000 Java clients. A Java applet can open a large number of UDP sockets, the underlying cause being excessive UDP socket creation, which prevents the host from establishing additional UDP connections and can lead to a crash. No expl...
CVE-2001-0349
CVE-2001-0349 affects Microsoft Windows 2000, specifically the Telnet Service. The Telnet Service creates named pipes to share data between session handlers, using an algorithm to name pipes that is easily predictable, and it does not properly verify the pipe names. If a local attacker with acces...
CVE-2001-0509
CVE-2001-0509 affects RPC servers in Microsoft Exchange Server 2000 and earlier, Microsoft SQL Server 2000 and earlier, Windows NT 4.0, and Windows 2000. The vulnerability allows remote attackers to cause a denial of service via malformed inputs. No exploitation details or specific fixes are prov...
CVE-2001-0663
The CVE-2001-0663 entry concerns Terminal Server in Windows NT and Windows 2000. Affected component: Terminal Server; vulnerability exploited by a sequence of invalid Remote Desktop Protocol (RDP) packets to cause a denial of service. Root cause: handling of invalid/malformed RDP packets leads to...
CVE-2002-1230
CVE-2002-1230 affects Windows NT 4.0/Terminal Server Edition, Windows 2000, and Windows XP via NetDDE Agent exploiting a WM_TIMER handling flaw. An untrusted WM_TIMER sequence (after WM_COPYDATA) could trigger arbitrary code execution with LocalSystem privileges, as described in MS02-071. The vul...
CVE-2004-0123
CVE-2004-0123 (ASN.1 “Double Free”) affects Windows platforms including NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. The issue is a potential memory-management error caused by a possible double-free condition in the Microsoft ASN.1 Library, which could lead to memory corruption and,...
CVE-2004-0208
CVE-2004-0208 is a local privilege-elevation vulnerability in the Windows kernel/VDM subsystem. The Windows Virtual DOS Machine (VDM) component could allow an authenticated, locally logged-on attacker to gain kernel privileges by executing code in memory areas not properly validated when handling...
CVE-2004-1361
The CVE-2004-1361 issue affects Microsoft Windows where winhlp32.exe parses help files (.hlp). Affected: Windows NT, Windows 2000 (SP4), Windows XP (SP2), Windows 2003; vulnerability arises from an integer/length miscalculation in handling .hlp content, causing a heap-based buffer overflow. Conse...
CVE-2005-1980
CVE-2005-1980 corresponds to the MSDTC TIP Denial of Service vulnerability described in Microsoft Security Bulletin MS05-051 (CAN-2005-1980). The flaw affects MSDTC TIP processing, enabling a remote attacker to cause the DTC service to stop responding by sending a crafted TIP message. Microsoft l...
CVE-2006-5758
CVE-2006-5758 is a local elevation of privilege vulnerability in the Windows Graphics Rendering Engine (GDI) across Windows 2000 SP4 and Windows XP SP2. The underlying issue is how GDI Kernel structures are mapped into a global shared memory section created with insecure permissions: the section ...
CVE-2007-2218
CVE-2007-2218 maps to a heap corruption/remote code execution vulnerability in the Windows Schannel security package. MS07-031 describes an issue where server-sent digital signatures are not adequately checked during the SSL handshake, allowing a remote attacker to execute code (browser or app us...
CVE-2010-0237
Technical details such as affected products, versions, and fixes for CVE-2010-0237 are not provided in the supplied documents; only the high-level description is present. Monitor for updates.
CVE-2001-1347
CVE-2001-1347 affects Windows 2000. The vulnerability arises when a local user sets a hardware breakpoint that is handled via global debug registers, which can cause other processes to terminate due to an exception and may allow hijacking of resources such as named pipes. The available sources de...
CVE-2002-0694
The CVE-2002-0694 issue is tied to an unchecked buffer in Windows Help (Q323255) that affected Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP. Root cause: a vulnerability in the HTML Help facility could allow a remote attack...
CVE-2003-0112
CVE-2003-0112 corresponds to a local privilege‑escalation in the Windows kernel. Technical details from connected docs show a buffer/stack overflow in ntoskrnl.exe related to debugging message handling (LpcRequestWaitReplyPort), enabling a local attacker to execute code with kernel privileges. Af...
CVE-2003-0349
CVE-2003-0349 : A buffer overflow in the Windows Media Services ISAPI extension nsiislog.dll used by IIS 5.0 allows remote attackers to execute arbitrary code by sending a large POST request to nsiislog.dll. The issue affects the streaming media logging component when handling multicast logging r...
CVE-2004-0540
CVE-2004-0540 affects Microsoft Windows 2000 domain authentication: if the domain FQDN is exactly eight characters, the system does not prevent logons by users with expired passwords, constituting an authentication bypass in the domain logon flow. The connected advisory (CPAI-2015-0384) corrobora...
CVE-2004-0839
CVE-2004-0839 is the IE Drag-and-Drop Vulnerability. The connected docs show it as a publicly disclosed CAN-2005-0053 vulnerability, which was addressed by Microsoft security updates MS05-014 and related MS05-008. The vulnerability arises from Internet Explorer handling drag-and-drop events, allo...
CVE-2005-0057
Microsoft’s MS05-015 fixes a remote code execution flaw in the Hyperlink Object Library (Hlink.dll) affecting Windows 98, 2000, XP, and Server 2003. The vulnerability arises from an unchecked buffer when handling hyperlinks, potentially allowing arbitrary code execution if a user clicks a crafted...
CVE-2005-1981
CVE-2005-1981 refers to a denial-of-service vulnerability in the Kerberos handling of Windows 2000 Server and Windows Server 2003 domain controllers (CAN-2005-1981). The issue allows a remote, authenticated attacker to send a crafted Kerberos message that can cause the domain controller’s authent...
CVE-2005-2307
CVE-2005-2307 is a denial-of-service vulnerability in the Windows Network Connection Manager (Network Connection Manager) where a web or local attacker could crash the Network Connections Service by sending a specially crafted input to netman.dll. The issue affects the Network Connection Manager ...
CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1/SP2, and Windows Server 2003 SP1 is affected. A vulnerability in the rendering path (DIV containing a malformed IMG tag) combined with a malformed CSS/HTML file can trigger a null dereference, causing a remot...
CVE-2006-0005
The CVE-2006-0005 vulnerability is a buffer overflow in the Windows Media Player plug-in (npdsplay.dll) used by non‑Microsoft browsers. When a user views HTML containing an EMBED tag with a long src attribute, it may allow remote code execution in the user’s context. Affected software includes Wi...
CVE-2006-3440
CVE-2006-3440 is a remote code execution vulnerability in the Winsock API (buffer overflow) affecting Windows 2000 SP4, XP SP1/SP2, XP Pro x64, Windows Server 2003 and Itanium/x64 variants. Exploitation requires convincing a user to open a specially crafted file or visit a crafted website, enabli...
CVE-2008-1456
CVE-2008-1456 describes a remote code execution vulnerability in the Windows Event System caused by improper validation when indexing an array of function pointers. Affected products include Windows 2000 SP4, XP (SP2/SP3), Server 2003 (SP1/SP2), Vista (initial and SP1), and Server 2008. The issue...
CVE-2009-4313
The CVE-2009-4313 issue affects the Microsoft Windows Indeo32 codec (ir32_32.dll 3.24.15.3) in Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The underlying flaw is malformed data in a stream within media files (e.g., AVI), which can lead to heap corruption and allow remote code execution or ...
CVE-1999-0700
CVE-1999-0700 describes a buffer overflow in Microsoft Phone Dialer (dialer.exe) triggered by a malformed dialer.ini entry. The NVD entry assigns a local attack vector, high complexity, and no authentication, with impact described as complete on confidentiality, integrity, and availability. Red H...
CVE-1999-0716
CVE-1999-0716 is a historical vulnerability described across multiple sources as a buffer overflow in Windows NT 4.0’s help file utility triggered by a malformed help file. The Red Hat advisory and CVE entries confirm the issue but do not provide concrete exploit details beyond the basic descript...
CVE-2000-1079
Affected software/hardware: Microsoft Windows 95, 98, NT, and 2000. Vulnerability: Interaction between the CIFS Browser Protocol and NetBIOS allows remote modification of dynamic NetBIOS name cache entries via a spoofed Browse Frame Request carried in a unicast or UDP broadcast datagram. Impact: ...
CVE-2005-0061
CVE-2005-0061 (Windows kernel elevation of privilege) is a local privilege-elevation vulnerability in the Windows kernel (Windows 2000, XP SP1/SP2, Windows Server 2003) caused by the way the kernel processes certain access requests. An attacker with valid logon credentials and local access could ...
CVE-2005-2123
CVE-2005-2123 affects the Windows GDI32.DLL Graphics Rendering Engine, with heap-based buffer overflows triggered by crafted WMF/EMF image data. Affected systems include Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. Root cause is overflow/unchecked size handling in image rendering, enabling ...
CVE-2005-2124
The CVE-2005-2124 entry concerns a vulnerability in the Windows Graphics Rendering Engine (GDI32.DLL) affecting Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. The flaw stems from an unchecked buffer in WMF handling, enabling remote code execution via a crafted Windows Metafile image. Exploita...