Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_me
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 58 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-04-12 | CVE-2004-0790 | Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the... | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp, Solaris, Sunos | N/A | ||
| 2004-11-23 | CVE-2004-0597 | Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. | Libpng, Msn_messenger, Windows_98se, Windows_me, Windows_media_player, Windows_messenger | N/A | ||
| 2004-06-01 | CVE-2004-0123 | Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2004-06-01 | CVE-2004-0117 | Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | Netmeeting, Windows_2000, Windows_2003_server, Windows_98, Windows_me, Windows_xp | N/A | ||
| 2004-06-01 | CVE-2003-0719 | Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | Netmeeting, Windows_2000, Windows_2003_server, Windows_98, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2004-06-01 | CVE-2003-0533 | Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | Netmeeting, Windows_2000, Windows_2003_server, Windows_98, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2003-08-07 | CVE-2003-0469 | Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2003-03-07 | CVE-2003-0009 | Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. | Windows_me, Windows_xp | N/A | ||
| 2002-10-11 | CVE-2002-1139 | The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression." | Windows_98_plus_pack, Windows_me, Windows_xp | N/A | ||
| 2002-10-04 | CVE-2002-0699 | Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. | Windows_2000, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A |