Product:

Windows_2000

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 517
Date Id Summary Products Score Patch Annotated
2003-08-07 CVE-2003-0469 Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp N/A
2003-07-24 CVE-2003-0349 Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll. Windows_2000 N/A
2002-12-31 CVE-2002-2132 Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. Windows_2000, Windows_xp N/A
2002-12-31 CVE-2002-1700 Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message. Coldfusion, Internet_information_services, Windows_2000 N/A
2002-10-04 CVE-2002-0699 Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. Windows_2000, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp N/A
2002-03-15 CVE-2002-0070 Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. Windows_2000, Windows_98, Windows_98se, Windows_nt N/A
2002-03-08 CVE-2002-0053 Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Windows_2000, Windows_95, Windows_98, Windows_98se, Windows_nt, Windows_xp N/A
2002-03-08 CVE-2002-0020 Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options. Interix, Windows_2000 N/A
2002-03-08 CVE-2002-0018 In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain. Windows_2000, Windows_nt N/A
2001-07-07 CVE-2001-1244 Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. Freebsd, Hp\-Ux, Vvos, Linux_kernel, Windows_2000, Windows_nt, Netbsd, Openbsd, Sunos N/A