Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_98se
(Microsoft)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 61 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2002-10-04 | CVE-2002-0862 | The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported... | Internet_explorer, Office, Outlook_express, Windows_2000, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
2000-04-14 | CVE-2000-1218 | The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. | Windows_2000, Windows_98, Windows_98se, Windows_nt, Windows_xp | 9.8 | ||
2004-07-27 | CVE-2003-1048 | Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. | Internet_explorer, Outlook, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_server_2003, Windows_xp | 7.8 | ||
1999-08-11 | CVE-1999-0875 | DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | Windows_2000, Windows_95, Windows_98se, Solaris, Sunos | N/A | ||
1999-09-20 | CVE-1999-0909 | Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. | Terminal_server, Windows_95, Windows_98se, Windows_nt | N/A | ||
2000-03-04 | CVE-2000-0168 | Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. | Windows_95, Windows_98, Windows_98se | N/A | ||
2000-10-20 | CVE-2000-0790 | The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder. | Windows_2000, Windows_98, Windows_98se | N/A | ||
2005-07-27 | CVE-2005-2388 | Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. | Windows_2000, Windows_2003_server, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
2004-08-18 | CVE-2004-0839 | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | Definity_one_media_server, Ip600_media_servers, Modular_messaging_message_storage_server, S3400, S8100, Ie, Internet_explorer, Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp, Ip_softphone_2050, Mobile_voice_client_2050, Optivity_telephony_manager, Symposium_web_centre_portal, Symposium_web_client | N/A | ||
2005-05-02 | CVE-2005-0053 | Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." | Ie, Internet_explorer, Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A |