Total
1350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3942 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.8 HIGH | N/A |
| The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot. | |||||
| CVE-2006-0021 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 7.8 HIGH | N/A |
| Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability." | |||||
| CVE-2005-3177 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 4.6 MEDIUM | N/A |
| CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed. | |||||
| CVE-2002-1214 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. | |||||
| CVE-2005-1935 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue. | |||||
| CVE-2005-2122 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 10.0 HIGH | N/A |
| Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118. | |||||
| CVE-2006-4071 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 2.6 LOW | N/A |
| Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service (application crash) via a crafted WMF file. | |||||
| CVE-2002-0724 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". | |||||
| CVE-2004-0123 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
| Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2005-1979 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality. | |||||
| CVE-2002-0055 | 1 Microsoft | 3 Exchange Server, Windows 2000, Windows Xp | 2025-04-03 | 5.0 MEDIUM | N/A |
| SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request. | |||||
| CVE-2005-1987 | 1 Microsoft | 4 Exchange Server, Windows 2000, Windows Server 2003 and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. | |||||
| CVE-2002-1258 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | |||||
| CVE-2006-2374 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
| The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability." | |||||
| CVE-2005-3644 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2025-04-03 | 7.8 HIGH | N/A |
| PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120. | |||||
| CVE-2006-3351 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 5.4 MEDIUM | N/A |
| Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. | |||||
| CVE-2005-1184 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98se and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated. | |||||
| CVE-2003-0909 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 7.2 HIGH | N/A |
| Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability." | |||||
| CVE-2004-0897 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 10.0 HIGH | N/A |
| The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
| CVE-2003-0004 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. | |||||