Total
100 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0206 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
| Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow. | |||||
| CVE-2003-1048 | 1 Microsoft | 8 Internet Explorer, Outlook, Windows 98 and 5 more | 2024-02-28 | 10.0 HIGH | 7.8 HIGH |
| Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. | |||||
| CVE-2000-0347 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. | |||||
| CVE-2004-0202 | 1 Microsoft | 7 Directx, Windows 2000, Windows 2003 Server and 4 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2002-0693 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. | |||||
| CVE-2003-0533 | 1 Microsoft | 7 Netmeeting, Windows 2000, Windows 2003 Server and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | |||||
| CVE-2002-0070 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2024-02-28 | 7.6 HIGH | N/A |
| Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. | |||||
| CVE-1999-0444 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. | |||||
| CVE-1999-1201 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. | |||||
| CVE-2003-0469 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. | |||||
| CVE-1999-0357 | 1 Microsoft | 1 Windows 98 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. | |||||
| CVE-2000-0073 | 1 Microsoft | 3 Windows 2000, Windows 98, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. | |||||
| CVE-2004-0201 | 2 Avaya, Microsoft | 11 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | |||||
| CVE-2000-0980 | 1 Microsoft | 4 Windows 95, Windows 98, Windows 98se and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network. | |||||
| CVE-2003-0719 | 1 Microsoft | 7 Netmeeting, Windows 2000, Windows 2003 Server and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | |||||
| CVE-2004-0839 | 3 Avaya, Microsoft, Nortel | 18 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 15 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | |||||
| CVE-2000-0155 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
| Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. | |||||
| CVE-2000-1218 | 1 Microsoft | 5 Windows 2000, Windows 98, Windows 98se and 2 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. | |||||
| CVE-2002-0699 | 1 Microsoft | 6 Windows 2000, Windows 98, Windows 98se and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. | |||||
| CVE-2001-0324 | 1 Microsoft | 2 Windows 2000, Windows 98 | 2024-02-28 | 2.6 LOW | N/A |
| Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash. | |||||