Filtered by vendor Microsoft
Subscribe
Total
19962 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0226 | 1 Microsoft | 1 Internet Information Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability." | |||||
| CVE-2000-0222 | 1 Microsoft | 1 Windows 2000 | 2024-11-20 | 10.0 HIGH | N/A |
| The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs. | |||||
| CVE-2000-0216 | 1 Microsoft | 3 Exchange Server, Outlook, Windows Messaging | 2024-11-20 | 5.0 MEDIUM | N/A |
| Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | |||||
| CVE-2000-0211 | 1 Microsoft | 1 Windows Media Services | 2024-11-20 | 5.0 MEDIUM | N/A |
| The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the "Misordered Windows Media Services Handshake" vulnerability. | |||||
| CVE-2000-0202 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-11-20 | 7.5 HIGH | N/A |
| Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query. | |||||
| CVE-2000-0201 | 1 Microsoft | 1 Internet Explorer | 2024-11-20 | 5.1 MEDIUM | N/A |
| The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. | |||||
| CVE-2000-0200 | 1 Microsoft | 3 Clip Art, Greetings, Home Publishing | 2024-11-20 | 5.1 MEDIUM | N/A |
| Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability. | |||||
| CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2024-11-20 | 7.2 HIGH | N/A |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||||
| CVE-2000-0197 | 1 Microsoft | 1 Windows Nt | 2024-11-20 | 4.6 MEDIUM | N/A |
| The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | |||||
| CVE-2000-0168 | 1 Microsoft | 3 Windows 95, Windows 98, Windows 98se | 2024-11-20 | 5.0 MEDIUM | N/A |
| Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. | |||||
| CVE-2000-0167 | 1 Microsoft | 1 Internet Information Server | 2024-11-20 | 2.1 LOW | N/A |
| IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. | |||||
| CVE-2000-0162 | 1 Microsoft | 3 Ie, Internet Explorer, Visual Studio | 2024-11-20 | 5.1 MEDIUM | N/A |
| The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | |||||
| CVE-2000-0161 | 1 Microsoft | 1 Site Server | 2024-11-20 | 7.5 HIGH | N/A |
| Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands. | |||||
| CVE-2000-0160 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2024-11-20 | 7.6 HIGH | N/A |
| The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. | |||||
| CVE-2000-0156 | 1 Microsoft | 1 Internet Explorer | 2024-11-20 | 5.1 MEDIUM | N/A |
| Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. | |||||
| CVE-2000-0155 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-11-20 | 7.2 HIGH | N/A |
| Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||
| CVE-2000-0132 | 1 Microsoft | 1 Virtual Machine | 2024-11-20 | 2.6 LOW | N/A |
| Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | |||||
| CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-11-20 | 2.1 LOW | N/A |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
| CVE-2000-0126 | 1 Microsoft | 1 Internet Information Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. | |||||