Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2002-0073 | 5.0 |
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0075 | 7.5 |
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0074 | 7.5 |
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2002-0148 | 7.5 |
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2003-0223 | 6.8 |
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.
|
23-11-2020 - 19:49 | 09-06-2003 - 04:00 | |
CVE-2002-0863 | 5.0 |
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka
|
30-04-2019 - 14:27 | 11-10-2002 - 04:00 | |
CVE-2002-0724 | 7.5 |
Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServer
|
30-04-2019 - 14:27 | 24-09-2002 - 04:00 | |
CVE-2002-1561 | 5.0 |
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference
|
30-04-2019 - 14:27 | 02-04-2003 - 05:00 | |
CVE-2002-0720 | 7.2 |
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
|
30-04-2019 - 14:27 | 05-09-2002 - 04:00 | |
CVE-2003-0109 | 7.5 |
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
|
30-04-2019 - 14:27 | 31-03-2003 - 05:00 | |
CVE-2001-0879 | 5.0 |
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
|
30-04-2019 - 14:27 | 20-12-2001 - 05:00 | |
CVE-2001-0151 | 5.0 |
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
|
30-10-2018 - 16:25 | 02-06-2001 - 04:00 | |
CVE-2003-0225 | 5.0 |
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory cons
|
30-10-2018 - 16:25 | 09-06-2003 - 04:00 | |
CVE-2000-0886 | 7.5 |
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
|
30-10-2018 - 16:25 | 19-12-2000 - 05:00 | |
CVE-2000-0884 | 7.5 |
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
|
30-10-2018 - 16:25 | 19-12-2000 - 05:00 | |
CVE-2003-0525 | 5.0 |
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2003-0231 | 5.0 |
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2003-0232 | 7.2 |
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2003-0230 | 7.2 |
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2002-0641 | 7.5 |
Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSER
|
12-10-2018 - 21:31 | 23-07-2002 - 04:00 | |
CVE-2002-0699 | 5.0 |
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's
|
12-10-2018 - 21:31 | 04-10-2002 - 04:00 | |
CVE-2002-0154 | 7.5 |
Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.
|
12-10-2018 - 21:31 | 16-05-2002 - 04:00 | |
CVE-2002-0070 | 7.6 |
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
|
12-10-2018 - 21:31 | 15-03-2002 - 05:00 | |
CVE-2002-0624 | 7.5 |
Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authenticat
|
12-10-2018 - 21:31 | 23-07-2002 - 04:00 | |
CVE-2002-0013 | 10.0 |
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by th
|
12-10-2018 - 21:30 | 13-02-2002 - 05:00 | |
CVE-2002-0020 | 7.5 |
Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options.
|
12-10-2018 - 21:30 | 08-03-2002 - 05:00 | |
CVE-2002-0012 | 10.0 |
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candi
|
12-10-2018 - 21:30 | 13-02-2002 - 05:00 | |
CVE-2002-0056 | 7.5 |
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
|
12-10-2018 - 21:30 | 08-03-2002 - 05:00 | |
CVE-2001-0333 | 7.5 |
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
|
12-10-2018 - 21:30 | 27-06-2001 - 04:00 | |
CVE-2001-0542 | 7.5 |
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability repo
|
12-10-2018 - 21:30 | 20-12-2001 - 05:00 |