Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_2000
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 517 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2002-07-03 | CVE-2002-0366 | Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry. | Windows_2000, Windows_nt, Windows_xp | N/A | ||
| 2002-05-16 | CVE-2002-0224 | The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input. | Internet_information_services, Sql_server, Windows_2000 | N/A | ||
| 2002-04-04 | CVE-2002-0151 | Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request. | Windows_2000, Windows_nt, Windows_xp | N/A | ||
| 2001-12-31 | CVE-2001-1560 | Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message. | Windows_2000, Windows_xp | N/A | ||
| 2001-12-31 | CVE-2001-1518 | RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability. | Windows_2000 | N/A | ||
| 2001-05-24 | CVE-2001-1347 | Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes. | Windows_2000 | N/A | ||
| 2001-07-18 | CVE-2001-1302 | The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function. | Windows_2000 | N/A | ||
| 2001-07-27 | CVE-2001-1288 | Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe. | Windows_2000, Windows_nt | N/A | ||
| 2001-12-20 | CVE-2001-0879 | Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. | Sql_server, Windows_2000, Windows_nt, Windows_xp | N/A | ||
| 2001-07-21 | CVE-2001-0341 | Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll. | Frontpage_server_extensions, Windows_2000, Windows_nt | N/A |