460 matches found
CVE-2002-0694
The CVE-2002-0694 issue is tied to an unchecked buffer in Windows Help (Q323255) that affected Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP. Root cause: a vulnerability in the HTML Help facility could allow a remote attack...
CVE-2002-1256
CVE-2002-1256 describes a flaw in SMB signing in Windows 2000/XP that lets an attacker disable SMB signing in a session and inject unsigned data, potentially modifying group policy information sent from a domain controller. Affected products are Microsoft Windows 2000 and Windows XP; the root cau...
CVE-2005-2124
The CVE-2005-2124 entry concerns a vulnerability in the Windows Graphics Rendering Engine (GDI32.DLL) affecting Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. The flaw stems from an unchecked buffer in WMF handling, enabling remote code execution via a crafted Windows Metafile image. Exploita...
CVE-2006-0020
CVE-2006-0020 describes a WMF parsing memory corruption affecting Internet Explorer on Windows platforms (e.g., IE 5.01 SP4 on 2000 SP4; 5.5 SP2 on Millennium) where a crafted WMF file with manipulated header size (potential integer overflow) can crash the process and may allow code execution. Th...
CVE-2006-3873
CVE-2006-3873 describes a heap-based buffer overflow in URLMON.DLL of Microsoft Internet Explorer 6 SP1 on Windows 2000/XP SP1, exploitable via a long URL in a GZIP-compressed HTTP-redirected web page. The issue is tied to an incomplete fix for CVE-2006-3869 and is mitigated by applying the MS06-...
CVE-2009-0083
CVE-2009-0083 is a Windows kernel local privilege escalation vulnerability (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1) caused by improper handling of specially crafted invalid pointers. A local attacker could gain kernel privileges via an application that triggers use of an invalid pointer. M...
CVE-2009-4210
CVE-2009-4210 describes memory corruption in the Microsoft Windows Indeo codec exposed by crafted media content, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The OpenVAS entries corroborate multiple vulnerabilities in the Indeo codec and list CVE-2009-4210 among the affected vulne...
CVE-2009-4313
The CVE-2009-4313 issue affects the Microsoft Windows Indeo32 codec (ir32_32.dll 3.24.15.3) in Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The underlying flaw is malformed data in a stream within media files (e.g., AVI), which can lead to heap corruption and allow remote code execution or ...
CVE-2010-0235
CVE-2010-0235 is the Windows Kernel Symbolic Link Value Vulnerability. The provided documents confirm a denial-of-service impact (system becomes unresponsive and reboots) caused by improper validation of symbolic link values when created by the Windows kernel. Affected products (per MS10-021 and ...
CVE-1999-0715
CVE-1999-0715 is a buffer-overflow vulnerability in the Microsoft Windows Remote Access Service (RAS) API/Client that can allow a local attacker to execute arbitrary code with LocalSystem privileges by creating a crafted RAS phonebook entry. Microsoft MS99-016 provides a patch to address the issu...
CVE-1999-0726
CVE-1999-0726 affects Windows NT with a DoS via executing a program that uses a malformed file image header. Connected sources reiterate the attack is a denial of service caused by malformed file image headers, but do not provide specific vulnerable components, affected product versions, or expli...
CVE-2000-0073
CVE-2000-0073 involves a buffer overflow in the Microsoft Rich Text Format (RTF) reader triggered by a malformed control word, leading to a denial of service. The affected software is the RTF reader component in Microsoft environments. The root cause is a buffer overflow condition, as described i...
CVE-2000-0222
CVE-2000-0222 concerns Windows 2000: the installer does not activate the Administrator password until reboot, enabling remote access to the ADMIN$ share without a password until that reboot occurs. OpenVAS-derived content references this CVE in a script-cve list and highlights a broader SMB conte...
CVE-2000-0790
The CVE-2000-0790 entry describes a local-in-the-IE5.5/Windows 98 scenario where modifying Folder.htt and invoking the default execute option via the ShellDefView ActiveX control could cause Trojan horses to be run for the first listed file. No explicit affected versions beyond IE 5.5 on Windows ...
CVE-2001-0147
CVE-2001-0147 concerns a buffer overflow in the Windows 2000 Event Viewer snap-in. The overflow occurs when processing/displaying properties of individual event records, and can allow arbitrary code execution when a user examines a malicious event log entry. CERT/CC notes that the data enabling a...
CVE-2001-0543
The CVE-2001-0543 issue affects the NNTP service in Windows NT 4.0 and Windows 2000, where a memory leak can be triggered by processing a large number of malformed posts. This memory growth can lead to denial of service through exhaustion of resources. The provided material does not specify exact...
CVE-2001-1244
Technical details such as affected products, versions, and root cause are not publicly provided in the connected documents. Monitor CVE-2001-1244 updates for concrete details.
CVE-2002-0692
The CVE-2002-0692 issue concerns a buffer overflow in Microsoft FrontPage Server Extensions’ SmartHTML interpreter (shtml.dll). FPSE 2000 is affected by denial of service (CPU consumption); FPSE 2002 can allow remote code execution via a crafted web-file request. The vulnerability is tied to the ...
CVE-2002-1214
CVE-2002-1214 describes a buffer overflow in Microsoft PPTP Service affecting Windows XP and Windows 2000 (and Terminal Services) that can be triggered by a PPTP control data packet with malformed data. The vulnerability can lead to a denial of service and, in some cases, may allow the attacker t...
CVE-2004-0116
CVE-2004-0116 maps to a Denial-of-Service in the RPCSS Service involved with DCOM activation. The issue is triggered by specially crafted activation requests that exhaust memory when the RPCSS service fails to reclaim discarded memory, leading to remote DoS on affected Windows versions. Affected ...
CVE-2005-0057
Microsoft’s MS05-015 fixes a remote code execution flaw in the Hyperlink Object Library (Hlink.dll) affecting Windows 98, 2000, XP, and Server 2003. The vulnerability arises from an unchecked buffer when handling hyperlinks, potentially allowing arbitrary code execution if a user clicks a crafted...
CVE-2005-2123
CVE-2005-2123 affects the Windows GDI32.DLL Graphics Rendering Engine, with heap-based buffer overflows triggered by crafted WMF/EMF image data. Affected systems include Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. Root cause is overflow/unchecked size handling in image rendering, enabling ...
CVE-2006-1591
CVE-2006-1591 describes a heap-based buffer overflow in Microsoft Windows Help winhlp32.exe caused by improper parsing of malformed .hlp files. The vulnerability permits user-assisted attackers to execute arbitrary code by crafting an embedded image data payload within a Windows Help (.hlp) file....
CVE-2006-2380
CVE-2006-2380 corresponds to a spoofing vulnerability in RPC mutual authentication on Microsoft Windows 2000 SP4. The issue arises from the RPC service not correctly validating the identity of the RPC server during mutual authentication over SSL, potentially allowing an attacker to impersonate a ...
CVE-2008-0083
CVE-2008-0083 affects Microsoft VBScript/JScript scripting engines (VBScript.dll and JScript.dll) version 5.1 and 5.6 used in Windows 2000 SP4, XP SP2, and Server 2003 SP1/SP2. A vulnerability in decoding scripts in Web pages and in memory loading could allow remote code execution through unknown...
CVE-2000-1227
CVE-2000-1227 affects Windows NT 4.0 and Windows 2000 hosts. The vulnerability allows remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests without reading the response. The available documents describe the affected products and the S...
CVE-2002-1932
CVE-2002-1932 affects Microsoft Windows XP and Windows 2000. When configured to send administrative alerts and with the "+Do not overwrite events (clear log manually)" option enabled, the system fails to notify administrators when the event log reaches its maximum size, allowing local users and r...
CVE-2004-1306
The connected advisories confirm a heap-based buffer overflow in winhlp32.exe that can be triggered by a crafted .hlp file, exposing remote code execution on affected Windows versions: Windows NT, Windows 2000 (SP4), Windows XP (SP2), and Windows Server 2003. Root cause: unsafe handling during ph...
CVE-2005-0551
CVE-2005-0551 corresponds to a local privilege-elevation vulnerability in CSRSS (Client Server Runtime Subsystem) via WINSRV.DLL handling a console window FaceName string. A stack-based buffer overflow in CONSOLE_STATE_INFO (FaceName[32]) can be triggered by a crafted console window, enabling a l...
CVE-2005-2827
The CVE-2005-2827 window kernel vulnerability affects Windows NT 4.0 and Windows 2000 (NTOSKRNL.EXE) where a terminating thread’s APC handling can lead to memory corruption and control of kernel execution. Root cause: during thread exit, the APC free loop in PspExitThread and related KiMoveApcSta...
CVE-2005-3170
CVE-2005-3170 affects Microsoft Windows 2000 prior to Update Rollup 1 for SP4. The LDAP client accepts LDAPS certificates even when the CA is not trusted, enabling attackers to mislead users into thinking they are on a trusted site. No exploitation details are provided in the sources. Remediation...
CVE-2005-3945
The CVE-2005-3945 entry describes a vulnerability in the SynAttackProtect protection of Microsoft Windows 2003 (before SP1) and Windows 2000 (before SP4 with Update Roll-up). The issue arises from using a hash of predictable data, which enables a remote attacker to cause high CPU usage by sending...
CVE-2007-1205
CVE-2007-1205 is a remote code execution vulnerability in Microsoft Agent (msagent\agentsvr.exe) on Windows 2000 SP4, Windows XP SP2, and Windows Server 2003 SP1/SP2. The flaw arises from how Microsoft Agent handles certain specially crafted URLs, leading to memory corruption and arbitrary code e...
CVE-2007-1211
CVE-2007-1211 is the WMF/GDI-related vulnerability affecting Windows 2000 SP4, XP SP2, and Windows Server 2003 SP1/SP2 where a crafted WMF triggers an invalid dereference in a kernel structure, enabling user-assisted denial of service (potential persistent restart). The CVE is linked to CVE-2005-...
CVE-2007-5352
CVE-2007-5352 is a local privilege-escalation vulnerability in Microsoft Windows LSASS. The root cause is LSASS’s improper handling of specially crafted LPC requests, which could allow a local attacker to execute code with SYSTEM privileges and take full control of the affected system. Affected p...
CVE-2009-1138
CVE-2009-1138 concerns Microsoft Active Directory on Windows 2000 Server SP4, where the LDAP/LDAPS service fails to free memory for certain hex-encoded requests. The underlying issue, described as an invalid free/memory leak, can allow a remote attacker to cause arbitrary code execution on the ta...
CVE-2009-1139
CVE-2009-1139 is a memory leak/denial-of-service vulnerability in the LDAP service of Active Directory and ADAM. A remote attacker can trigger memory exhaustion by sending LDAP/LDAPS requests with specific OID filters. Affected: Windows 2000 Server SP4, Windows Server 2003 SP2, and ADAM on Window...
CVE-2010-0238
CVE-2010-0238 corresponds to the Windows Kernel Registry Key Vulnerability. A denial-of-service occurs when the Windows kernel validates registry keys, enabling a crafted local app to cause the system to become unresponsive and reboot on affected products: Windows 2000 SP4, XP SP2/SP3, Server 200...
CVE-1999-0562
Technical details on CVE-1999-0562 are not publicly provided in the connected documents. The sources reiterate that the Windows NT registry can be accessed remotely by non-administrators. Monitor for updates for concrete impact, affected versions, and remediation.
CVE-2000-0544
CVE-2000-0544 affects Windows NT and Windows 2000 hosts due to malformed DCE/RPC SMBwriteX requests carrying an invalid data length, enabling a remote attacker to cause a denial of service. The connected Nessus plugin MS00-066 indicates a patch (hotfix Q272303) addressing this issue; the descript...
CVE-2001-0237
CVE-2001-0237 affects Microsoft Windows 2000 domain controllers, where the Kerberos service can leak memory when it receives certain invalid Kerberos requests, potentially exhausting memory and causing a denial of service. Affected component is the Kerberos service (KDC) on Windows 2000 domain co...
CVE-2001-0504
The CVE-2001-0504 entry affects the SMTP service in Microsoft Windows 2000. A flaw in the authentication handling could allow an intruder to bypass credentials, enabling the attacker to send mail and, in effect, relay through the vulnerable server. The underlying issue is a weakness in how the SM...
CVE-2002-0699
The CVE-2002-0699 issue affects the Certificate Enrollment ActiveX Control used by Windows 98/98SE/Millennium/NT 4.0/2000/XP. The root cause is a flaw in the Certificate Enrollment Control that allows remote attackers to delete digital certificates on a user’s system via HTML. OpenVAS entries cor...
CVE-2002-0823
The CVE-2002-0823 entry maps to a buffer overflow in Winhlp32.exe triggered by an HTML document calling the HTML Help ActiveX control HHCtrl.ocx with a long pathname in the Item parameter. Affected software is Microsoft Windows components involving WinHlp32.exe and HHCtrl.ocx. The root cause is a...
CVE-2005-2122
CVE-2005-2122 corresponds to a Windows Shell buffer overflow in the handling of .lnk shortcut files, enabling remote code execution when a user opens a specially crafted shortcut or properties dialog. The issue affects Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003, and is part of the MS05...
CVE-2008-2251
CVE-2008-2251 describes a kernel double-free vulnerability in Windows that allows local privilege escalation when a crafted multi-threaded system-call flow mishandles user-supplied data. Affected products include Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Windows Vista (Gold/SP1), and Win...
CVE-2009-4309
CVE-2009-4309 describes a heap-based buffer overflow in the Intel Indeo41 codec used by Windows Media Player, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises from missing bounds checking on a size field in the IV41/movi record of an IV41 stream, permitting remote atta...
CVE-2009-4311
CVE-2009-4311 describes an unspecified vulnerability in Microsoft's Indeo codec used by Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2, enabling remote code execution via crafted media content. Connected documents reference multiple SoCs (OpenVAS/NVD) and Microsoft security advisories (KB95575...
CVE-2001-0018
The CVE-2001-0018 entry affects Windows 2000 domain controllers (Windows 2000 Server, Advanced Server, or Datacenter Server). It describes a denial-of-service vulnerability caused by remote attackers sending a flood of malformed service requests to the DC, leading to partial availability impact. ...
CVE-2001-0659
CVE-2001-0659 describes a buffer overflow in the Windows 2000 IrDA driver (infrared data exchange). A malformed IrDA packet can be used by a physically proximate attacker to trigger a denial of service reboot. Technical details in connected sources identify the affected component as the IrDA driv...