Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_me
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 58 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2002-12-23 | CVE-2002-1258 | Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-12-23 | CVE-2002-1257 | Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. | Windows_2000, Windows_2000_terminal_services, Windows_95, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-10-10 | CVE-2002-0694 | The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | Windows_2000, Windows_2000_terminal_services, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2002-10-10 | CVE-2002-0693 | Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. | Windows_2000, Windows_2000_terminal_services, Windows_98, Windows_98se, Windows_me, Windows_nt, Windows_xp | N/A | ||
| 2006-06-13 | CVE-2006-2376 | Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow. | Windows_98, Windows_98se, Windows_me | N/A | ||
| 2006-01-10 | CVE-2006-0020 | An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability." | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
| 2006-02-14 | CVE-2006-0006 | Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data. | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_media_player, Windows_xp | N/A | ||
| 2005-08-10 | CVE-2005-0058 | Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message. | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp | N/A | ||
| 2005-04-12 | CVE-2004-0790 | Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the... | Windows_2000, Windows_2003_server, Windows_98, Windows_98se, Windows_me, Windows_xp, Solaris, Sunos | N/A | ||
| 2004-11-23 | CVE-2004-0597 | Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. | Libpng, Msn_messenger, Windows_98se, Windows_me, Windows_media_player, Windows_messenger | N/A |