Filtered by vendor Microsoft
Subscribe
Total
19327 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1451 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
| Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. | |||||
| CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | |||||
| CVE-2000-0765 | 1 Microsoft | 3 Excel, Powerpoint, Word | 2024-02-04 | 5.1 MEDIUM | N/A |
| Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability. | |||||
| CVE-1999-0750 | 1 Microsoft | 1 Hotmail | 2024-02-04 | 5.1 MEDIUM | N/A |
| Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | |||||
| CVE-2002-0720 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2024-02-04 | 7.2 HIGH | N/A |
| A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. | |||||
| CVE-1999-0793 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. | |||||
| CVE-2003-1342 | 2 Microsoft, Trend Micro | 2 Internet Information Server, Virus Control System | 2024-02-04 | 5.0 MEDIUM | N/A |
| Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. | |||||
| CVE-1999-0595 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | |||||
| CVE-2002-0188 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the second variant of the "Content Disposition" vulnerability. | |||||
| CVE-2000-0088 | 1 Microsoft | 4 Office, Office Converter Pack, Powerpoint and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability. | |||||
| CVE-2001-0238 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | |||||
| CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
| IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | |||||
| CVE-2004-1416 | 2 Microsoft, Realnetworks | 2 Internet Explorer, Realone Player | 2024-02-04 | 5.1 MEDIUM | N/A |
| pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | |||||
| CVE-2001-0501 | 1 Microsoft | 1 Word | 2024-02-04 | 4.6 MEDIUM | N/A |
| Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner. | |||||
| CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2024-02-04 | 10.0 HIGH | N/A |
| The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | |||||
| CVE-2002-0078 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability. | |||||
| CVE-1999-0226 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
| Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. | |||||
| CVE-2004-1623 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 5.0 MEDIUM | N/A |
| The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF. | |||||
| CVE-1999-1591 | 1 Microsoft | 2 Internet Information Server, Visual Interdev | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | |||||
| CVE-2000-0830 | 1 Microsoft | 1 Webtv | 2024-02-04 | 5.0 MEDIUM | N/A |
| annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705. | |||||