Filtered by vendor Microsoft
Subscribe
Total
19327 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1093 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.1 MEDIUM | N/A |
| Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | |||||
| CVE-2002-0860 | 1 Microsoft | 2 Office Web Components, Project | 2024-02-04 | 5.0 MEDIUM | N/A |
| The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redirects to the target file. | |||||
| CVE-2003-0910 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
| The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory. | |||||
| CVE-2001-0904 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients. | |||||
| CVE-1999-0682 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled. | |||||
| CVE-2003-0004 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. | |||||
| CVE-2001-0540 | 1 Microsoft | 1 Terminal Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Memory leak in Terminal servers in Windows NT and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed Remote Desktop Protocol (RDP) requests to port 3389. | |||||
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.5 HIGH | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | |||||
| CVE-2000-0854 | 1 Microsoft | 1 Office | 2024-02-04 | 10.0 HIGH | N/A |
| When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document. | |||||
| CVE-2004-1361 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow. | |||||
| CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
| Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | |||||
| CVE-2000-0597 | 1 Microsoft | 2 Excel, Powerpoint | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | |||||
| CVE-2002-0075 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message. | |||||
| CVE-2004-0284 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. | |||||
| CVE-2000-0302 | 1 Microsoft | 1 Index Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL. | |||||
| CVE-2002-1260 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-02-04 | 7.5 HIGH | N/A |
| The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet. | |||||
| CVE-2003-0345 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required. | |||||
| CVE-2002-0077 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability. | |||||
| CVE-1999-0839 | 1 Microsoft | 1 Ie | 2024-02-04 | 7.2 HIGH | N/A |
| Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled. | |||||
| CVE-2002-2062 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL. | |||||