460 matches found
CVE-2006-3873
CVE-2006-3873 describes a heap-based buffer overflow in URLMON.DLL of Microsoft Internet Explorer 6 SP1 on Windows 2000/XP SP1, exploitable via a long URL in a GZIP-compressed HTTP-redirected web page. The issue is tied to an incomplete fix for CVE-2006-3869 and is mitigated by applying the MS06-...
CVE-2008-1456
CVE-2008-1456 describes a remote code execution vulnerability in the Windows Event System caused by improper validation when indexing an array of function pointers. Affected products include Windows 2000 SP4, XP (SP2/SP3), Server 2003 (SP1/SP2), Vista (initial and SP1), and Server 2008. The issue...
CVE-2009-0083
CVE-2009-0083 is a Windows kernel local privilege escalation vulnerability (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1) caused by improper handling of specially crafted invalid pointers. A local attacker could gain kernel privileges via an application that triggers use of an invalid pointer. M...
CVE-2009-1125
CVE-2009-1125 corresponds to the Windows Driver Class Registration Vulnerability. The Microsoft Windows kernel does not properly validate an argument passed to a Windows kernel system call, enabling local privilege escalation if a crafted user-mode application is run. Affected products include Wi...
CVE-2009-3673
Microsoft Internet Explorer 7/8 are affected by CVE-2009-3673 (Uninitialized Memory Corruption). A remote code execution vulnerability exists due to improper handling of memory for objects that are uninitialized or deleted, exploitable via a specially crafted web page and potentially via heap spr...
CVE-2009-4210
CVE-2009-4210 describes memory corruption in the Microsoft Windows Indeo codec exposed by crafted media content, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The OpenVAS entries corroborate multiple vulnerabilities in the Indeo codec and list CVE-2009-4210 among the affected vulne...
CVE-1999-0715
CVE-1999-0715 is a buffer-overflow vulnerability in the Microsoft Windows Remote Access Service (RAS) API/Client that can allow a local attacker to execute arbitrary code with LocalSystem privileges by creating a crafted RAS phonebook entry. Microsoft MS99-016 provides a patch to address the issu...
CVE-1999-0875
Technical details (affected products/versions, exploitation, or mitigations) for CVE-1999-0875 are not provided in the supplied documents. Monitor for updates and additional disclosures.
CVE-2000-0331
CVE-2000-0331 affects Microsoft CMD.EXE on Windows NT and Windows 2000. The vulnerability is a buffer overflow caused by a long environment variable, enabling a local user to cause a denial of service. The available documents provide the root cause and impact but do not specify a remediation or p...
CVE-2002-1214
CVE-2002-1214 describes a buffer overflow in Microsoft PPTP Service affecting Windows XP and Windows 2000 (and Terminal Services) that can be triggered by a PPTP control data packet with malformed data. The vulnerability can lead to a denial of service and, in some cases, may allow the attacker t...
CVE-2002-1256
CVE-2002-1256 describes a flaw in SMB signing in Windows 2000/XP that lets an attacker disable SMB signing in a session and inject unsigned data, potentially modifying group policy information sent from a domain controller. Affected products are Microsoft Windows 2000 and Windows XP; the root cau...
CVE-2004-1306
The connected advisories confirm a heap-based buffer overflow in winhlp32.exe that can be triggered by a crafted .hlp file, exposing remote code execution on affected Windows versions: Windows NT, Windows 2000 (SP4), Windows XP (SP2), and Windows Server 2003. Root cause: unsafe handling during ph...
CVE-2006-0020
CVE-2006-0020 describes a WMF parsing memory corruption affecting Internet Explorer on Windows platforms (e.g., IE 5.01 SP4 on 2000 SP4; 5.5 SP2 on Millennium) where a crafted WMF file with manipulated header size (potential integer overflow) can crash the process and may allow code execution. Th...
CVE-2009-4309
CVE-2009-4309 describes a heap-based buffer overflow in the Intel Indeo41 codec used by Windows Media Player, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises from missing bounds checking on a size field in the IV41/movi record of an IV41 stream, permitting remote atta...
CVE-2010-0235
CVE-2010-0235 is the Windows Kernel Symbolic Link Value Vulnerability. The provided documents confirm a denial-of-service impact (system becomes unresponsive and reboots) caused by improper validation of symbolic link values when created by the Windows kernel. Affected products (per MS10-021 and ...
CVE-1999-0726
CVE-1999-0726 affects Windows NT with a DoS via executing a program that uses a malformed file image header. Connected sources reiterate the attack is a denial of service caused by malformed file image headers, but do not provide specific vulnerable components, affected product versions, or expli...
CVE-2000-0073
CVE-2000-0073 involves a buffer overflow in the Microsoft Rich Text Format (RTF) reader triggered by a malformed control word, leading to a denial of service. The affected software is the RTF reader component in Microsoft environments. The root cause is a buffer overflow condition, as described i...
CVE-2000-0222
CVE-2000-0222 concerns Windows 2000: the installer does not activate the Administrator password until reboot, enabling remote access to the ADMIN$ share without a password until that reboot occurs. OpenVAS-derived content references this CVE in a script-cve list and highlights a broader SMB conte...
CVE-2000-0544
CVE-2000-0544 affects Windows NT and Windows 2000 hosts due to malformed DCE/RPC SMBwriteX requests carrying an invalid data length, enabling a remote attacker to cause a denial of service. The connected Nessus plugin MS00-066 indicates a patch (hotfix Q272303) addressing this issue; the descript...
CVE-2000-0790
The CVE-2000-0790 entry describes a local-in-the-IE5.5/Windows 98 scenario where modifying Folder.htt and invoking the default execute option via the ShellDefView ActiveX control could cause Trojan horses to be run for the first listed file. No explicit affected versions beyond IE 5.5 on Windows ...
CVE-2001-0147
CVE-2001-0147 concerns a buffer overflow in the Windows 2000 Event Viewer snap-in. The overflow occurs when processing/displaying properties of individual event records, and can allow arbitrary code execution when a user examines a malicious event log entry. CERT/CC notes that the data enabling a...
CVE-2001-0543
The CVE-2001-0543 issue affects the NNTP service in Windows NT 4.0 and Windows 2000, where a memory leak can be triggered by processing a large number of malformed posts. This memory growth can lead to denial of service through exhaustion of resources. The provided material does not specify exact...
CVE-2001-1244
Technical details such as affected products, versions, and root cause are not publicly provided in the connected documents. Monitor CVE-2001-1244 updates for concrete details.
CVE-2002-0692
The CVE-2002-0692 issue concerns a buffer overflow in Microsoft FrontPage Server Extensions’ SmartHTML interpreter (shtml.dll). FPSE 2000 is affected by denial of service (CPU consumption); FPSE 2002 can allow remote code execution via a crafted web-file request. The vulnerability is tied to the ...
CVE-2004-0116
CVE-2004-0116 maps to a Denial-of-Service in the RPCSS Service involved with DCOM activation. The issue is triggered by specially crafted activation requests that exhaust memory when the RPCSS service fails to reclaim discarded memory, leading to remote DoS on affected Windows versions. Affected ...
CVE-2005-0551
CVE-2005-0551 corresponds to a local privilege-elevation vulnerability in CSRSS (Client Server Runtime Subsystem) via WINSRV.DLL handling a console window FaceName string. A stack-based buffer overflow in CONSOLE_STATE_INFO (FaceName[32]) can be triggered by a crafted console window, enabling a l...
CVE-2005-2827
The CVE-2005-2827 window kernel vulnerability affects Windows NT 4.0 and Windows 2000 (NTOSKRNL.EXE) where a terminating thread’s APC handling can lead to memory corruption and control of kernel execution. Root cause: during thread exit, the APC free loop in PspExitThread and related KiMoveApcSta...
CVE-2005-3170
CVE-2005-3170 affects Microsoft Windows 2000 prior to Update Rollup 1 for SP4. The LDAP client accepts LDAPS certificates even when the CA is not trusted, enabling attackers to mislead users into thinking they are on a trusted site. No exploitation details are provided in the sources. Remediation...
CVE-2006-1591
CVE-2006-1591 describes a heap-based buffer overflow in Microsoft Windows Help winhlp32.exe caused by improper parsing of malformed .hlp files. The vulnerability permits user-assisted attackers to execute arbitrary code by crafting an embedded image data payload within a Windows Help (.hlp) file....
CVE-2006-2380
CVE-2006-2380 corresponds to a spoofing vulnerability in RPC mutual authentication on Microsoft Windows 2000 SP4. The issue arises from the RPC service not correctly validating the identity of the RPC server during mutual authentication over SSL, potentially allowing an attacker to impersonate a ...
CVE-2007-1211
CVE-2007-1211 is the WMF/GDI-related vulnerability affecting Windows 2000 SP4, XP SP2, and Windows Server 2003 SP1/SP2 where a crafted WMF triggers an invalid dereference in a kernel structure, enabling user-assisted denial of service (potential persistent restart). The CVE is linked to CVE-2005-...
CVE-2007-5352
CVE-2007-5352 is a local privilege-escalation vulnerability in Microsoft Windows LSASS. The root cause is LSASS’s improper handling of specially crafted LPC requests, which could allow a local attacker to execute code with SYSTEM privileges and take full control of the affected system. Affected p...
CVE-2008-0083
CVE-2008-0083 affects Microsoft VBScript/JScript scripting engines (VBScript.dll and JScript.dll) version 5.1 and 5.6 used in Windows 2000 SP4, XP SP2, and Server 2003 SP1/SP2. A vulnerability in decoding scripts in Web pages and in memory loading could allow remote code execution through unknown...
CVE-2000-1227
CVE-2000-1227 affects Windows NT 4.0 and Windows 2000 hosts. The vulnerability allows remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests without reading the response. The available documents describe the affected products and the S...
CVE-2001-0237
CVE-2001-0237 affects Microsoft Windows 2000 domain controllers, where the Kerberos service can leak memory when it receives certain invalid Kerberos requests, potentially exhausting memory and causing a denial of service. Affected component is the Kerberos service (KDC) on Windows 2000 domain co...
CVE-2001-0504
The CVE-2001-0504 entry affects the SMTP service in Microsoft Windows 2000. A flaw in the authentication handling could allow an intruder to bypass credentials, enabling the attacker to send mail and, in effect, relay through the vulnerable server. The underlying issue is a weakness in how the SM...
CVE-2002-1932
CVE-2002-1932 affects Microsoft Windows XP and Windows 2000. When configured to send administrative alerts and with the "+Do not overwrite events (clear log manually)" option enabled, the system fails to notify administrators when the event log reaches its maximum size, allowing local users and r...
CVE-2003-0812
CVE-2003-0812 corresponds to a stack-based buffer overflow in the Windows Workstation Service (WKSSVC.DLL) that can be exploited via RPC to achieve remote code execution through NetAddAlternateComputerName logging paths. Affected platforms include Windows 2000 and Windows XP (and 64‑bit edition p...
CVE-2005-3945
The CVE-2005-3945 entry describes a vulnerability in the SynAttackProtect protection of Microsoft Windows 2003 (before SP1) and Windows 2000 (before SP4 with Update Roll-up). The issue arises from using a hash of predictable data, which enables a remote attacker to cause high CPU usage by sending...
CVE-2007-1205
CVE-2007-1205 is a remote code execution vulnerability in Microsoft Agent (msagent\agentsvr.exe) on Windows 2000 SP4, Windows XP SP2, and Windows Server 2003 SP1/SP2. The flaw arises from how Microsoft Agent handles certain specially crafted URLs, leading to memory corruption and arbitrary code e...
CVE-2009-1138
CVE-2009-1138 concerns Microsoft Active Directory on Windows 2000 Server SP4, where the LDAP/LDAPS service fails to free memory for certain hex-encoded requests. The underlying issue, described as an invalid free/memory leak, can allow a remote attacker to cause arbitrary code execution on the ta...
CVE-2009-1139
CVE-2009-1139 is a memory leak/denial-of-service vulnerability in the LDAP service of Active Directory and ADAM. A remote attacker can trigger memory exhaustion by sending LDAP/LDAPS requests with specific OID filters. Affected: Windows 2000 Server SP4, Windows Server 2003 SP2, and ADAM on Window...
CVE-2009-4311
CVE-2009-4311 describes an unspecified vulnerability in Microsoft's Indeo codec used by Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2, enabling remote code execution via crafted media content. Connected documents reference multiple SoCs (OpenVAS/NVD) and Microsoft security advisories (KB95575...
CVE-2010-0238
CVE-2010-0238 corresponds to the Windows Kernel Registry Key Vulnerability. A denial-of-service occurs when the Windows kernel validates registry keys, enabling a crafted local app to cause the system to become unresponsive and reboot on affected products: Windows 2000 SP4, XP SP2/SP3, Server 200...
CVE-1999-0562
Technical details on CVE-1999-0562 are not publicly provided in the connected documents. The sources reiterate that the Windows NT registry can be accessed remotely by non-administrators. Monitor for updates for concrete impact, affected versions, and remediation.
CVE-2000-0232
CVE-2000-0232 affects Microsoft TCP/IP Printing Services (Print Services for Unix). The vulnerability is that a malformed TCP/IP print request can be used to cause a denial of service. It is a local-attack, low-severity issue (CVSS v2 base score 2.1, availability impact PARTIAL). The documentatio...
CVE-2000-0311
Technical details for CVE-2000-0311 are not publicly available in the provided documents. Monitor for updates.
CVE-2002-0699
The CVE-2002-0699 issue affects the Certificate Enrollment ActiveX Control used by Windows 98/98SE/Millennium/NT 4.0/2000/XP. The root cause is a flaw in the Certificate Enrollment Control that allows remote attackers to delete digital certificates on a user’s system via HTML. OpenVAS entries cor...
CVE-2002-0823
The CVE-2002-0823 entry maps to a buffer overflow in Winhlp32.exe triggered by an HTML document calling the HTML Help ActiveX control HHCtrl.ocx with a long pathname in the Item parameter. Affected software is Microsoft Windows components involving WinHlp32.exe and HHCtrl.ocx. The root cause is a...
CVE-2003-0662
CVE-2003-0662 describes a buffer overflow in the Windows 2000 Troubleshooter ActiveX Control (Tshoot.ocx). The vulnerability exists in Windows 2000 SP4 and earlier and allows a remote attacker to execute arbitrary code by delivering a crafted HTML document with a long argument to the RunQuery2 me...