Total
634 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0053 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. | |||||
| CVE-2004-0201 | 2 Avaya, Microsoft | 11 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | |||||
| CVE-2002-0054 | 1 Microsoft | 2 Exchange Server, Windows 2000 | 2023-12-10 | 7.5 HIGH | N/A |
| SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials. | |||||
| CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
| A system does not present an appropriate legal message or warning to a user who is accessing it. | |||||
| CVE-2002-2401 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2023-12-10 | 3.6 LOW | N/A |
| NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | |||||
| CVE-2001-0046 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 4.6 MEDIUM | N/A |
| The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | |||||
| CVE-2002-0070 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2023-12-10 | 7.6 HIGH | N/A |
| Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. | |||||
| CVE-2003-0807 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. | |||||
| CVE-2003-0010 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2023-12-10 | 7.5 HIGH | N/A |
| Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. | |||||
| CVE-1999-0595 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 2.1 LOW | N/A |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | |||||
| CVE-2004-0214 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 98 and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | |||||
| CVE-2003-0824 | 1 Microsoft | 4 Frontpage Server Extensions, Sharepoint Team Services, Windows 2000 and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. | |||||
| CVE-2001-0346 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them. | |||||
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.5 HIGH | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | |||||
| CVE-2000-1217 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | |||||
| CVE-2000-0487 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 3.6 LOW | N/A |
| The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability. | |||||
| CVE-1999-0519 | 1 Microsoft | 4 Outlook, Windows 2000, Windows 95 and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
| A NETBIOS/SMB share password is the default, null, or missing. | |||||
| CVE-2001-0345 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions. | |||||
| CVE-1999-0700 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 6.2 MEDIUM | N/A |
| Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. | |||||
| CVE-2000-0232 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2023-12-10 | 2.1 LOW | N/A |
| Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. | |||||