Product:

Windows_2000

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 517
Date Id Summary Products Score Patch Annotated
2004-08-31 CVE-2004-1649 Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future. Windows_2000 N/A
2004-12-31 CVE-2004-1049 Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." Windows_2000, Windows_2003_server, Windows_nt, Windows_xp N/A
2005-04-12 CVE-2004-0790 Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the... Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp, Solaris, Sunos N/A
2004-11-03 CVE-2004-0209 Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." Windows_2000, Windows_2003_server, Windows_xp N/A
2004-11-03 CVE-2004-0208 The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. Windows_2000, Windows_2003_server, Windows_nt, Windows_xp N/A
2004-11-03 CVE-2004-0207 "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions. Windows_2000, Windows_2003_server, Windows_98, Windows_nt, Windows_xp N/A
2004-11-03 CVE-2004-0206 Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow. Windows_2000, Windows_2003_server, Windows_98, Windows_nt, Windows_xp N/A
2004-06-01 CVE-2004-0124 The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability." Windows_2000, Windows_2003_server, Windows_nt, Windows_xp N/A
2004-06-01 CVE-2004-0123 Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp N/A
2004-06-01 CVE-2004-0120 The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages. Windows_2000, Windows_2003_server, Windows_xp N/A