Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_98se
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 61 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-08-06 | CVE-2004-0201 | Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | Definity_one_media_server, Ip600_media_servers, Modular_messaging_message_storage_server, S8100, Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2003-03-24 | CVE-2003-0010 | Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. | Windows_2000, Windows_2000_terminal_services, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1325 | Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1260 | The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1258 | Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1257 | Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-10-10 | CVE-2002-0694 | The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | Windows_2000, Windows_2000_terminal_services, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-10-10 | CVE-2002-0693 | Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. | Windows_2000, Windows_2000_terminal_services, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2006-06-13 | CVE-2006-2376 | Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow. | Windows_98, Windows_98se, Windows_me | N/A | ||
| 2006-01-10 | CVE-2006-0020 | An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability." | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A |