Filtered by vendor Microsoft
Subscribe
Total
19327 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0110 | 1 Microsoft | 2 Isa Server, Proxy Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745. | |||||
| CVE-2002-0700 | 1 Microsoft | 1 Content Management Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise." | |||||
| CVE-1999-1474 | 1 Microsoft | 1 Powerpoint | 2024-02-04 | 7.5 HIGH | N/A |
| PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer. | |||||
| CVE-2000-0304 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. | |||||
| CVE-1999-0154 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
| IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. | |||||
| CVE-2002-1142 | 1 Microsoft | 3 Data Access Components, Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. | |||||
| CVE-2001-0874 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. | |||||
| CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | |||||
| CVE-2001-0017 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. | |||||
| CVE-2003-0115 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. | |||||
| CVE-2001-0999 | 1 Microsoft | 1 Outlook Express | 2024-02-04 | 7.5 HIGH | N/A |
| Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script. | |||||
| CVE-2000-0711 | 2 Microsoft, Netscape | 2 Virtual Machine, Communicator | 2024-02-04 | 7.5 HIGH | N/A |
| Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | |||||
| CVE-2001-0945 | 1 Microsoft | 1 Outlook Express | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line. | |||||
| CVE-2000-0439 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
| Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. | |||||
| CVE-1999-0562 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.5 HIGH | N/A |
| The registry in Windows NT can be accessed remotely by users who are not administrators. | |||||
| CVE-2002-1214 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. | |||||
| CVE-1999-0723 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.1 HIGH | N/A |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. | |||||
| CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
| CVE-2001-0092 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
| A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. | |||||
| CVE-2000-0266 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
| Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. | |||||