Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_nt
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 253 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-04-02 | CVE-2002-1561 | The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | Windows_2000, Windows_2000_terminal_services, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1325 | Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1260 | The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1258 | Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1257 | Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-11-12 | CVE-2002-1184 | The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs. | Windows_2000, Windows_nt | N/A | ||
| 2002-10-11 | CVE-2002-0863 | Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | \.net_windows_server, Windows_2000, Windows_2000_terminal_services, Windows_nt, Windows_xp | N/A | ||
| 2002-09-24 | CVE-2002-0724 | Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". | Windows_2000, Windows_nt, Windows_xp | N/A | ||
| 2002-10-10 | CVE-2002-0694 | The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | Windows_2000, Windows_2000_terminal_services, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-10-10 | CVE-2002-0693 | Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. | Windows_2000, Windows_2000_terminal_services, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A |