Product:

Windows_98se

(Microsoft)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 61
Date Id Summary Products Score Patch Annotated
2002-10-04 CVE-2002-0862 The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported... Internet_explorer, Office, Outlook_express, Windows_2000, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp N/A
2000-04-14 CVE-2000-1218 The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. Windows_2000, Windows_98, Windows_98se, Windows_nt, Windows_xp 9.8
2004-07-27 CVE-2003-1048 Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. Internet_explorer, Outlook, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_server_2003, Windows_xp 7.8
1999-08-11 CVE-1999-0875 DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. Windows_2000, Windows_95, Windows_98se, Solaris, Sunos N/A
1999-09-20 CVE-1999-0909 Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. Terminal_server, Windows_95, Windows_98se, Windows_nt N/A
2000-03-04 CVE-2000-0168 Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. Windows_95, Windows_98, Windows_98se N/A
2000-10-20 CVE-2000-0790 The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder. Windows_2000, Windows_98, Windows_98se N/A
2005-07-27 CVE-2005-2388 Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. Windows_2000, Windows_2003_server, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_xp N/A
2004-08-18 CVE-2004-0839 Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". Definity_one_media_server, Ip600_media_servers, Modular_messaging_message_storage_server, S3400, S8100, Ie, Internet_explorer, Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp, Ip_softphone_2050, Mobile_voice_client_2050, Optivity_telephony_manager, Symposium_web_centre_portal, Symposium_web_client N/A
2005-05-02 CVE-2005-0053 Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." Ie, Internet_explorer, Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp N/A