Total
287 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | |||||
| CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2023-12-10 | 2.1 LOW | N/A |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
| CVE-1999-0376 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 4.6 MEDIUM | N/A |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. | |||||
| CVE-1999-0391 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2023-12-10 | 7.5 HIGH | N/A |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. | |||||
| CVE-1999-0278 | 1 Microsoft | 2 Internet Information Server, Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | |||||
| CVE-2002-0863 | 1 Microsoft | 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | |||||
| CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 4.6 MEDIUM | N/A |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | |||||
| CVE-2003-0910 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
| The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory. | |||||
| CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | |||||
| CVE-1999-0721 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 7.8 HIGH | N/A |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. | |||||
| CVE-2002-1184 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 4.6 MEDIUM | N/A |
| The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs. | |||||
| CVE-2002-0151 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request. | |||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 2.1 LOW | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | |||||
| CVE-1999-0612 | 2 Gnu, Microsoft | 4 Finger Service, Fingerd, Windows 2000 and 1 more | 2023-12-10 | N/A | N/A |
| A version of finger is running that exposes valid user information to any entity on the network. | |||||
| CVE-2003-1407 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. | |||||
| CVE-2002-0694 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2023-12-10 | 7.5 HIGH | N/A |
| The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | |||||
| CVE-2002-1260 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2023-12-10 | 7.5 HIGH | N/A |
| The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet. | |||||
| CVE-2002-0053 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. | |||||
| CVE-2004-0201 | 2 Avaya, Microsoft | 11 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | |||||
| CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
| A system does not present an appropriate legal message or warning to a user who is accessing it. | |||||