Product:

Windows_98

(Microsoft)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 86
Date Id Summary Products Score Patch Annotated
2009-01-15 CVE-1999-1593 Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable. Windows_2000, Windows_95, Windows_98 N/A
2006-06-13 CVE-2006-1313 Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A
2006-01-09 CVE-2006-0143 Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A
2006-04-12 CVE-2006-0012 Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A
2006-01-10 CVE-2006-0010 Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp N/A
2005-06-14 CVE-2005-1214 Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. Windows_2000, Windows_2000_terminal_services, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A
2005-06-14 CVE-2005-1212 Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. Windows_2000, Windows_2000_terminal_services, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A
2005-05-02 CVE-2005-1191 The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file. Windows_2000, Windows_98, Windows_98se, Windows_me N/A
2005-04-27 CVE-2005-0416 The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp N/A
2005-05-02 CVE-2005-0063 The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A