Windows 2000
by Microsoft
CVEs (522)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-0550 | | | 0.00 | — | 0.02 | | May 2, 2005 | Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability". |
| CVE-2005-0060 | | | 0.00 | — | 0.02 | | May 2, 2005 | Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application. |
| CVE-2004-0893 | | | 0.00 | — | 0.02 | | Jan 10, 2005 | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel… |
| CVE-2004-0207 | | | 0.00 | — | 0.02 | | Nov 3, 2004 | "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of… |
| CVE-2004-0208 | | | 0.00 | — | 0.02 | | Nov 3, 2004 | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly… |
| CVE-2004-1649 | | | 0.00 | — | 0.02 | | Aug 31, 2004 | Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future. |
| CVE-2004-0540 | | | 0.00 | — | 0.05 | | Aug 6, 2004 | Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain. |
| CVE-2002-0034 | | | 0.00 | — | 0.02 | | Feb 3, 2004 | The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected. |
| CVE-2003-1106 | | | 0.00 | — | 0.02 | | Dec 31, 2003 | The SMTP service in Microsoft Windows 2000 before SP4 allows remote attackers to cause a denial of service (crash or hang) via an e-mail message with a malformed time stamp in the FILETIME attribute. |
| CVE-2003-0350 | | | 0.00 | — | 0.02 | | Aug 18, 2003 | The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a… |
| CVE-2003-0112 | | | 0.00 | — | 0.02 | | May 12, 2003 | Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. |
| CVE-2002-2132 | | | 0.00 | — | 0.02 | | Dec 31, 2002 | Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. |
| CVE-2002-1933 | | | 0.00 | — | 0.02 | | Dec 31, 2002 | The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window. |
| CVE-2002-2028 | | | 0.00 | — | 0.02 | | Dec 31, 2002 | The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. |
| CVE-2002-2401 | | | 0.00 | — | 0.02 | | Dec 31, 2002 | NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. |
| CVE-2002-1749 | | | 0.00 | — | 0.01 | | Dec 31, 2002 | Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges. |
| CVE-2002-1256 | | | 0.00 | — | 0.05 | | Dec 23, 2002 | The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection,… |
| CVE-2002-1184 | | | 0.00 | — | 0.02 | | Nov 12, 2002 | The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other… |
| CVE-2002-0720 | | | 0.00 | — | 0.02 | | Sep 5, 2002 | A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. |
| CVE-2002-0443 | | | 0.00 | — | 0.02 | | Jul 26, 2002 | Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords. |