VYPR

Windows 2000

by Microsoft

CVEs (522)

  • CVE-2001-0147May 3, 2001
    risk 0.01cvss epss 0.06

    Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.

  • CVE-2001-0003Feb 12, 2001
    risk 0.01cvss epss 0.08

    Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM…

  • CVE-2001-0014Feb 12, 2001
    risk 0.01cvss epss 0.13

    Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability.

  • CVE-2000-1111Jan 9, 2001
    risk 0.01cvss epss 0.14

    Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input.

  • CVE-2000-1227Dec 31, 2000
    risk 0.01cvss epss 0.13

    Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.

  • CVE-2000-0885Dec 19, 2000
    risk 0.01cvss epss 0.13

    Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing"…

  • CVE-2000-1079Aug 29, 2000
    risk 0.01cvss epss 0.18

    Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.

  • CVE-2000-0544Jun 5, 2000
    risk 0.01cvss epss 0.17

    Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length.

  • CVE-2000-0404May 25, 2000
    risk 0.01cvss epss 0.20

    The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.

  • CVE-2000-0331Apr 20, 2000
    risk 0.01cvss epss 0.08

    Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability.

  • CVE-2000-0222Feb 15, 2000
    risk 0.01cvss epss 0.15

    The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs.

  • CVE-1999-0721Jul 20, 1999
    risk 0.01cvss epss 0.09

    Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.

  • CVE-1999-0726Jun 30, 1999
    risk 0.01cvss epss 0.09

    An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.

  • CVE-1999-0723Jun 23, 1999
    risk 0.01cvss epss 0.08

    The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.

  • CVE-1999-0249Jan 1, 1997
    risk 0.01cvss epss 0.07

    Windows NT RSHSVC program allows remote users to execute arbitrary commands.

  • CVE-1999-0582Jan 1, 1997
    risk 0.01cvss epss 0.06

    A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.

  • CVE-2007-6753Mar 28, 2012
    risk 0.00cvss epss 0.02

    Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7, when using an environment configured with a string such as %APPDATA% or %PROGRAMFILES% in a certain way, allows local users to gain…

  • CVE-2010-1255Jun 8, 2010
    risk 0.00cvss epss 0.05

    The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local users to execute arbitrary code via vectors related to "glyph outline…

  • CVE-2010-0484Jun 8, 2010
    risk 0.00cvss epss 0.01

    The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via…

  • CVE-2010-0819Jun 8, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to…

Page 21 of 27