Total
634 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4310 | 2 Microsoft, Windows | 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file. | |||||
| CVE-2009-4309 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Media Player and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. | |||||
| CVE-2009-4210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2018-10-10 | 9.3 HIGH | N/A |
| The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content. | |||||
| CVE-2001-0261 | 1 Microsoft | 1 Windows 2000 | 2017-12-19 | 2.1 LOW | N/A |
| Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files. | |||||
| CVE-2000-1079 | 1 Microsoft | 4 Windows 2000, Windows 95, Windows 98 and 1 more | 2017-12-19 | 7.5 HIGH | N/A |
| Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. | |||||
| CVE-2006-5988 | 1 Microsoft | 1 Windows 2000 | 2017-11-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Windows 2000 Advanced Server SP4 running Active Directory allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain VulnDisco Pack module. NOTE: the provenance of this information is unknown; the details are obtained from third party information. As of 20061116, this disclosure has no actionable information. However, since the VulnDisco Pack author is a reliable researcher, the disclosure is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2002-2132 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-11-21 | 2.1 LOW | N/A |
| Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | |||||
| CVE-2006-6723 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-10-19 | 7.8 HIGH | N/A |
| The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to cause a denial of service (memory consumption) via a large maxlen value in an NetrWkstaUserEnum RPC request. | |||||
| CVE-2006-6261 | 2 Microsoft, Quinnware | 7 Windows 2000, Windows 95, Windows 98 and 4 more | 2017-10-19 | 9.3 HIGH | N/A |
| Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields. | |||||
| CVE-1999-0562 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2017-10-19 | 7.5 HIGH | N/A |
| The registry in Windows NT can be accessed remotely by users who are not administrators. | |||||
| CVE-2007-2736 | 9 Achievo, Apple, Hp and 6 more | 18 Achievo, A Ux, Mac Os X and 15 more | 2017-10-11 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | |||||
| CVE-2007-2186 | 2 Foxit, Microsoft | 9 Pdf Reader, Windows 2000, Windows 2003 Server and 6 more | 2017-10-11 | 5.0 MEDIUM | N/A |
| Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | |||||
| CVE-2007-1912 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2017-10-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file. | |||||
| CVE-2007-1645 | 2 Futuresoft, Microsoft | 2 Tftp Server 2000, Windows 2000 | 2017-10-11 | 10.0 HIGH | N/A |
| Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a long request on UDP port 69. NOTE: this issue might overlap CVE-2006-4781 or CVE-2005-1812. | |||||
| CVE-2007-1347 | 1 Microsoft | 3 Windows 2000, Windows Explorer, Windows Xp | 2017-10-11 | 7.1 HIGH | N/A |
| Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll. | |||||
| CVE-2006-7210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-10-11 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block. | |||||
| CVE-2001-0951 | 1 Microsoft | 1 Windows 2000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters. | |||||
| CVE-2001-0860 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-10-10 | 7.5 HIGH | N/A |
| Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT). | |||||
| CVE-2001-0373 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2017-10-10 | 2.1 LOW | N/A |
| The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information. | |||||
| CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | |||||