Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_2000
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 516 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-07-19 | CVE-2005-2307 | netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability." | Windows_2000, Windows_xp | N/A | ||
| 2005-10-21 | CVE-2005-2122 | Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-10-21 | CVE-2005-2118 | Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-08-10 | CVE-2005-1982 | Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-08-10 | CVE-2005-1981 | Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers allows remote authenticated users to cause a denial of service (system crash) via a crafted Kerberos message. | Windows_2000, Windows_2003_server | N/A | ||
| 2005-08-10 | CVE-2005-1218 | The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | Windows_2000, Windows_2003_server, Windows_xp | N/A | ||
| 2005-06-14 | CVE-2005-1214 | Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. | Windows_2000, Windows_2000_terminal_services, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
| 2005-06-14 | CVE-2005-1212 | Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. | Windows_2000, Windows_2000_terminal_services, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
| 2005-05-02 | CVE-2005-1191 | The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file. | Windows_2000, Windows_98, Windows_98se, Windows_me | N/A | ||
| 2005-05-02 | CVE-2005-1184 | The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated. | Windows_2000, Windows_2003_server, Windows_98se, Windows_nt, Windows_xp | N/A |