Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_2000
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 517 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-04-14 | CVE-2010-0487 | The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid... | Windows_2000, Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-06-08 | CVE-2010-0819 | Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability." | Windows_2000, Windows_2003_server, Windows_7, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-06-08 | CVE-2010-0484 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability." | Windows_2000, Windows_2003_server, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-06-08 | CVE-2010-1255 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline information" and TrueType fonts, aka "Win32k TrueType Font Parsing Vulnerability." | Windows_2000, Windows_2003_server, Windows_7, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 1999-02-12 | CVE-1999-0372 | The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | Backoffice, Windows_2000, Windows_nt | N/A | ||
| 1999-05-07 | CVE-1999-0717 | A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | Excel, Windows_2000, Windows_95, Windows_98, Windows_nt | N/A | ||
| 1999-05-17 | CVE-1999-0716 | Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. | Windows_2000, Windows_nt | N/A | ||
| 1999-05-20 | CVE-1999-0715 | Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. | Windows_2000, Windows_nt | N/A | ||
| 1999-05-27 | CVE-1999-0755 | Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. | Windows_2000, Windows_nt | N/A | ||
| 1999-06-16 | CVE-1999-0874 | Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | Internet_information_server, Windows_2000, Windows_nt | N/A |