Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_2000
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 516 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-02-03 | CVE-2002-0034 | The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected. | Windows_2000, Windows_xp | N/A | ||
| 2004-11-03 | CVE-2004-0214 | Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | Internet_explorer, Windows_2000, Windows_98, Windows_me, Windows_xp | N/A | ||
| 2005-10-13 | CVE-2005-1987 | Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. | Exchange_server, Windows_2000, Windows_server_2003, Windows_xp | N/A | ||
| 2004-08-06 | CVE-2004-0540 | Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain. | Windows_2000 | N/A | ||
| 2005-07-27 | CVE-2005-2388 | Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. | Windows_2000, Windows_2003_server, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
| 2007-11-20 | CVE-2007-6043 | The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898. | Windows_2000 | N/A | ||
| 2008-10-20 | CVE-2008-4609 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | Bsd, Bsd_os, Catalyst_blade_switch_3020_firmware, Catalyst_blade_switch_3120_firmware, Catalyst_blade_switch_3120x_firmware, Ios, Dragonflybsd, Freebsd, Linux_kernel, Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp, Midnightbsd, Netbsd, Openbsd, Solaris, Trustedbsd | N/A | ||
| 1997-01-01 | CVE-1999-0582 | A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc. | Windows_2000, Windows_nt | N/A | ||
| 1997-01-01 | CVE-1999-0572 | .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. | Windows_2000, Windows_nt | N/A | ||
| 1997-01-01 | CVE-1999-0535 | A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. | Windows_2000, Windows_nt | N/A |