Total
634 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0070 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2018-10-12 | 7.6 HIGH | N/A |
| Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. | |||||
| CVE-2002-0053 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2018-10-12 | 7.5 HIGH | N/A |
| Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. | |||||
| CVE-2002-0020 | 1 Microsoft | 2 Interix, Windows 2000 | 2018-10-12 | 7.5 HIGH | N/A |
| Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options. | |||||
| CVE-2002-0018 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 10.0 HIGH | N/A |
| In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain. | |||||
| CVE-2001-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 5.0 MEDIUM | N/A |
| Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. | |||||
| CVE-2001-0659 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 5.0 MEDIUM | N/A |
| Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet. | |||||
| CVE-2001-0504 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 7.5 HIGH | N/A |
| Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying. | |||||
| CVE-2001-0502 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 4.6 MEDIUM | N/A |
| Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users. | |||||
| CVE-2001-0351 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 2.1 LOW | N/A |
| Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service. | |||||
| CVE-2001-0350 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability. | |||||
| CVE-2001-0349 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 7.2 HIGH | N/A |
| Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability. | |||||
| CVE-2001-0348 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace. | |||||
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 7.5 HIGH | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | |||||
| CVE-2001-0346 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 5.0 MEDIUM | N/A |
| Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them. | |||||
| CVE-2001-0345 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions. | |||||
| CVE-2001-0238 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2018-10-12 | 7.5 HIGH | N/A |
| Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | |||||
| CVE-2001-0046 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 4.6 MEDIUM | N/A |
| The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | |||||
| CVE-2001-0015 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 7.2 HIGH | N/A |
| Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | |||||
| CVE-2001-0003 | 1 Microsoft | 4 Office, Windows 2000, Windows Me and 1 more | 2018-10-12 | 5.0 MEDIUM | N/A |
| Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. | |||||
| CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | |||||