Filtered by vendor Microsoft
Subscribe
Total
19307 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1456 | 4 Linux, Microsoft, Mike Bobbitt and 1 more | 4 Linux Kernel, All Windows, Album.pl and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors. | |||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | |||||
| CVE-2002-0052 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files. | |||||
| CVE-2003-1484 | 1 Microsoft | 1 Ie | 2024-02-04 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute. | |||||
| CVE-2001-0875 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. | |||||
| CVE-2004-0723 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-04 | 6.4 MEDIUM | N/A |
| Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." | |||||
| CVE-1999-1164 | 1 Microsoft | 2 Outlook, Outlook Express | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang. | |||||
| CVE-1999-1538 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 2.1 LOW | N/A |
| When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. | |||||
| CVE-2001-1288 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
| Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe. | |||||
| CVE-1999-0701 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
| After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. | |||||
| CVE-2001-0241 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. | |||||
| CVE-2002-0421 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr. | |||||
| CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | |||||
| CVE-2002-0025 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, which allows remote attackers to modify which application is used to process a document. | |||||
| CVE-2003-0112 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. | |||||
| CVE-2004-0215 | 2 Avaya, Microsoft | 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. | |||||
| CVE-2004-0727 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | |||||
| CVE-2001-0281 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
| Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges. | |||||
| CVE-2000-0768 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
| A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
| CVE-2002-1257 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
| Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. | |||||