Product:

Windows_2000

(Microsoft)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 517
Date Id Summary Products Score Patch Annotated
2006-12-05 CVE-2006-6296 The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644. Windows_2000, Windows_xp N/A
2006-08-09 CVE-2006-3444 Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer." Windows_2000 N/A
2006-08-09 CVE-2006-3443 Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability." Windows_2000 N/A
2006-06-13 CVE-2006-2380 Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability." Windows_2000 N/A
2006-06-13 CVE-2006-2379 Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. Windows_2000, Windows_2003_server, Windows_nt, Windows_xp N/A
2006-06-13 CVE-2006-2371 Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." Windows_2000, Windows_2003_server, Windows_xp N/A
2006-06-13 CVE-2006-2370 Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." Windows_2000, Windows_2003_server, Windows_xp N/A
2006-04-03 CVE-2006-1591 Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. Windows_2000, Windows_2003_server, Windows_nt, Windows_xp N/A
2006-06-13 CVE-2006-1313 Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A
2006-05-10 CVE-2006-1184 Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119. Distributed_transaction_coordinator, Windows_2000, Windows_2003_server, Windows_nt, Windows_xp N/A