Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2002-0367 | 7.2 |
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, a
|
16-07-2024 - 17:42 | 25-06-2002 - 04:00 | |
CVE-2002-0051 | 4.6 |
Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.
|
08-02-2024 - 19:24 | 04-04-2002 - 05:00 | |
CVE-2004-0549 | 10.0 |
The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying
|
23-07-2021 - 15:12 | 06-08-2004 - 04:00 | |
CVE-2003-0309 | 7.5 |
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple
|
23-07-2021 - 15:02 | 09-06-2003 - 04:00 | |
CVE-2002-0027 | 7.5 |
Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Ver
|
23-07-2021 - 12:55 | 08-03-2002 - 05:00 | |
CVE-2002-0190 | 7.5 |
Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerabilit
|
23-07-2021 - 12:55 | 29-05-2002 - 04:00 | |
CVE-2002-0022 | 7.5 |
Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings
|
23-07-2021 - 12:55 | 08-03-2002 - 05:00 | |
CVE-2002-0193 | 7.5 |
Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating sys
|
23-07-2021 - 12:55 | 29-05-2002 - 04:00 | |
CVE-2003-0814 | 7.5 |
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJP
|
23-07-2021 - 12:55 | 03-02-2004 - 05:00 | |
CVE-2003-0817 | 7.5 |
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
|
23-07-2021 - 12:55 | 03-02-2004 - 05:00 | |
CVE-2001-0875 | 7.5 |
Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download.
|
23-07-2021 - 12:55 | 26-11-2001 - 05:00 | |
CVE-2001-0727 | 7.5 |
Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, ak
|
23-07-2021 - 12:55 | 14-12-2001 - 05:00 | |
CVE-2003-0815 | 7.5 |
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or
|
23-07-2021 - 12:55 | 03-02-2004 - 05:00 | |
CVE-2003-0809 | 7.5 |
Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.
|
23-07-2021 - 12:55 | 17-11-2003 - 05:00 | |
CVE-2003-0114 | 5.0 |
The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files.
|
23-07-2021 - 12:55 | 12-05-2003 - 04:00 | |
CVE-2003-0816 | 7.5 |
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file:
|
23-07-2021 - 12:55 | 03-02-2004 - 05:00 | |
CVE-2003-0344 | 7.5 |
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
|
23-07-2021 - 12:55 | 16-06-2003 - 04:00 | |
CVE-2003-0113 | 7.5 |
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.
|
23-07-2021 - 12:55 | 12-05-2003 - 04:00 | |
CVE-2003-0233 | 7.5 |
Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.
|
23-07-2021 - 12:55 | 12-05-2003 - 04:00 | |
CVE-2003-0823 | 7.5 |
Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027.
|
23-07-2021 - 12:55 | 03-02-2004 - 05:00 | |
CVE-2003-0838 | 7.5 |
Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer trea
|
23-07-2021 - 12:55 | 17-11-2003 - 05:00 | |
CVE-2001-0339 | 7.5 |
Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability.
|
23-07-2021 - 12:18 | 27-06-2001 - 04:00 | |
CVE-2001-0154 | 7.5 |
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
|
23-07-2021 - 12:18 | 03-05-2001 - 04:00 | |
CVE-2001-0002 | 7.5 |
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
|
23-07-2021 - 12:18 | 21-07-2001 - 04:00 | |
CVE-2002-0147 | 7.5 |
Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0073 | 5.0 |
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0075 | 7.5 |
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0149 | 7.5 |
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0150 | 7.5 |
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0074 | 7.5 |
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0148 | 7.5 |
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0055 | 5.0 |
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
|
09-04-2020 - 13:46 | 08-03-2002 - 05:00 | |
CVE-2001-0509 | 5.0 |
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
|
02-04-2020 - 12:56 | 20-09-2001 - 04:00 | |
CVE-2002-0049 | 6.4 |
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys.
|
02-04-2020 - 12:38 | 08-03-2002 - 05:00 | |
CVE-2002-1258 | 5.0 |
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in
|
30-04-2019 - 14:27 | 23-12-2002 - 05:00 | |
CVE-2002-0863 | 5.0 |
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka
|
30-04-2019 - 14:27 | 11-10-2002 - 04:00 | |
CVE-2002-1561 | 5.0 |
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference
|
30-04-2019 - 14:27 | 02-04-2003 - 05:00 | |
CVE-2002-0151 | 7.2 |
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
|
30-04-2019 - 14:27 | 04-04-2002 - 05:00 | |
CVE-2002-0366 | 7.2 |
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
|
30-04-2019 - 14:27 | 03-07-2002 - 04:00 | |
CVE-2003-0010 | 7.5 |
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a lar
|
30-04-2019 - 14:27 | 24-03-2003 - 05:00 | |
CVE-2003-0003 | 7.5 |
Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter inf
|
30-04-2019 - 14:27 | 07-02-2003 - 05:00 | |
CVE-2003-0660 | 7.5 |
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user appr
|
30-04-2019 - 14:27 | 17-11-2003 - 05:00 | |
CVE-2003-0109 | 7.5 |
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
|
30-04-2019 - 14:27 | 31-03-2003 - 05:00 | |
CVE-2003-0345 | 7.5 |
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
|
30-04-2019 - 14:27 | 18-08-2003 - 04:00 | |
CVE-2003-0822 | 7.5 |
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
|
30-04-2019 - 14:27 | 15-12-2003 - 05:00 | |
CVE-2003-0111 | 7.5 |
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Fla
|
30-04-2019 - 14:27 | 05-05-2003 - 04:00 | |
CVE-2003-0717 | 7.5 |
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
|
30-04-2019 - 14:27 | 17-11-2003 - 05:00 | |
CVE-2003-0824 | 5.0 |
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain
|
30-04-2019 - 14:27 | 15-12-2003 - 05:00 | |
CVE-2003-0662 | 9.3 |
Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.
|
30-04-2019 - 14:27 | 17-11-2003 - 05:00 | |
CVE-2003-0352 | 7.5 |
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
|
30-04-2019 - 14:27 | 18-08-2003 - 04:00 | |
CVE-2004-0212 | 10.0 |
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Interne
|
30-04-2019 - 14:27 | 06-08-2004 - 04:00 | |
CVE-2003-0715 | 10.0 |
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a d
|
30-04-2019 - 14:27 | 17-09-2003 - 04:00 | |
CVE-2004-0202 | 5.0 |
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.
|
30-04-2019 - 14:27 | 06-08-2004 - 04:00 | |
CVE-2003-0659 | 7.2 |
Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
|
30-04-2019 - 14:27 | 17-11-2003 - 05:00 | |
CVE-2003-0605 | 7.5 |
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject int
|
30-04-2019 - 14:27 | 27-08-2003 - 04:00 | |
CVE-2003-0528 | 10.0 |
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CV
|
30-04-2019 - 14:27 | 17-09-2003 - 04:00 | |
CVE-2003-0812 | 7.5 |
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated
|
30-04-2019 - 14:27 | 15-12-2003 - 05:00 | |
CVE-2002-0364 | 7.5 |
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
|
30-10-2018 - 16:25 | 03-07-2002 - 04:00 | |
CVE-2002-0079 | 7.5 |
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
|
30-10-2018 - 16:25 | 22-04-2002 - 04:00 | |
CVE-2002-0372 | 7.5 |
Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement s
|
30-10-2018 - 16:25 | 03-07-2002 - 04:00 | |
CVE-2002-0071 | 7.5 |
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
|
30-10-2018 - 16:25 | 22-04-2002 - 04:00 | |
CVE-2001-0151 | 5.0 |
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
|
30-10-2018 - 16:25 | 02-06-2001 - 04:00 | |
CVE-2003-0228 | 7.5 |
Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that cause
|
30-10-2018 - 16:25 | 27-05-2003 - 04:00 | |
CVE-2003-0225 | 5.0 |
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory cons
|
30-10-2018 - 16:25 | 09-06-2003 - 04:00 | |
CVE-2000-0886 | 7.5 |
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
|
30-10-2018 - 16:25 | 19-12-2000 - 05:00 | |
CVE-2003-0224 | 10.0 |
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer
|
30-10-2018 - 16:25 | 09-06-2003 - 04:00 | |
CVE-2000-0884 | 7.5 |
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
|
30-10-2018 - 16:25 | 19-12-2000 - 05:00 | |
CVE-2002-0649 | 7.5 |
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04
|
19-10-2018 - 15:29 | 12-08-2002 - 04:00 | |
CVE-2003-0905 | 5.0 |
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP pack
|
12-10-2018 - 21:33 | 15-04-2004 - 04:00 | |
CVE-2003-0525 | 5.0 |
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2003-0110 | 5.0 |
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, ma
|
12-10-2018 - 21:32 | 05-05-2003 - 04:00 | |
CVE-2003-0526 | 6.8 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleans
|
12-10-2018 - 21:32 | 18-08-2003 - 04:00 | |
CVE-2003-0663 | 5.0 |
Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.
|
12-10-2018 - 21:32 | 01-06-2004 - 04:00 | |
CVE-2003-0533 | 7.5 |
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and
|
12-10-2018 - 21:32 | 01-06-2004 - 04:00 | |
CVE-2002-0642 | 7.2 |
The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Perm
|
12-10-2018 - 21:31 | 23-07-2002 - 04:00 | |
CVE-2002-0018 | 10.0 |
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Admin
|
12-10-2018 - 21:30 | 08-03-2002 - 05:00 | |
CVE-2002-0053 | 7.5 |
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be
|
12-10-2018 - 21:30 | 08-03-2002 - 05:00 | |
CVE-2001-0719 | 7.5 |
Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.
|
12-10-2018 - 21:30 | 06-12-2001 - 05:00 | |
CVE-2001-0333 | 7.5 |
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
|
12-10-2018 - 21:30 | 27-06-2001 - 04:00 | |
CVE-2001-0500 | 10.0 |
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data
|
12-10-2018 - 21:30 | 21-07-2001 - 04:00 | |
CVE-2000-1081 | 4.6 |
The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which
|
12-10-2018 - 21:29 | 09-01-2001 - 05:00 | |
CVE-2000-0377 | 5.0 |
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
|
12-10-2018 - 21:29 | 08-06-2000 - 04:00 | |
CVE-2000-0979 | 6.4 |
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first characte
|
12-10-2018 - 21:29 | 19-12-2000 - 05:00 | |
CVE-2000-1079 | 7.5 |
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast d
|
19-12-2017 - 02:29 | 29-08-2000 - 04:00 | |
CVE-1999-0562 | 7.5 |
The registry in Windows NT can be accessed remotely by users who are not administrators.
|
19-10-2017 - 01:29 | 01-01-1997 - 05:00 | |
CVE-2002-1117 | 5.0 |
Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
|
10-10-2017 - 01:30 | 04-10-2002 - 04:00 | |
CVE-1999-0621 | 5.0 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration En
|
01-08-2008 - 04:00 | 01-01-1999 - 05:00 |