Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_2000
(Microsoft)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 516 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2000-06-30 | CVE-2000-0580 | Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization. | Windows_2000 | N/A | ||
2000-10-20 | CVE-2000-0790 | The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder. | Windows_2000, Windows_98, Windows_98se | N/A | ||
2002-06-18 | CVE-2002-0597 | LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445. | Windows_2000 | N/A | ||
2002-10-22 | CVE-2001-1451 | Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. | Windows_2000 | N/A | ||
2002-08-12 | CVE-2002-0823 | Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter. | Windows_2000, Windows_help | N/A | ||
2002-12-31 | CVE-2002-2401 | NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | Windows_2000, Windows_nt, Windows_xp | N/A | ||
2002-12-31 | CVE-2002-2028 | The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. | Windows_2000, Windows_nt, Windows_xp | N/A | ||
2002-12-31 | CVE-2002-2077 | The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session. | Windows_2000 | N/A | ||
2002-12-31 | CVE-2002-1932 | Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection. | Windows_2000, Windows_xp | N/A | ||
2002-12-31 | CVE-2002-1712 | Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3. | Windows_2000, Windows_nt | N/A |