VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2004-0201Aug 6, 2004
    risk 0.04cvss epss 0.45

    Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.

  • CVE-2004-0420Jul 7, 2004
    risk 0.04cvss epss 0.46

    The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet…

  • CVE-2004-0474Jul 7, 2004
    risk 0.04cvss epss 0.16

    Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue.

  • CVE-2004-2090Feb 7, 2004
    risk 0.04cvss epss 0.16

    Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.

  • CVE-2003-1275Dec 31, 2003
    risk 0.04cvss epss 0.17

    Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function.

  • CVE-2003-1378Dec 31, 2003
    risk 0.04cvss epss 0.16

    Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.

  • CVE-2003-1505Dec 31, 2003
    risk 0.04cvss epss 0.13

    Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved.

  • CVE-2003-0447Jul 24, 2003
    risk 0.04cvss epss 0.14

    The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.

  • CVE-2003-0118May 12, 2003
    risk 0.04cvss epss 0.08

    SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded…

  • CVE-2003-0117May 12, 2003
    risk 0.04cvss epss 0.09

    Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver.

  • CVE-2003-0009Mar 7, 2003
    risk 0.04cvss epss 0.15

    Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.

  • CVE-2002-1688Dec 31, 2002
    risk 0.04cvss epss 0.17

    The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back…

  • CVE-2002-2073Dec 31, 2002
    risk 0.04cvss epss 0.13

    Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.

  • CVE-2002-2062Dec 31, 2002
    risk 0.04cvss epss 0.13

    Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the…

  • CVE-2002-1705Dec 31, 2002
    risk 0.04cvss epss 0.18

    Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight.

  • CVE-2002-1187Dec 11, 2002
    risk 0.04cvss epss 0.14

    Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the or element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the…

  • CVE-2002-0862Oct 4, 2002
    risk 0.04cvss epss 0.19

    The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly…

  • CVE-2002-0974Sep 24, 2002
    risk 0.04cvss epss 0.14

    Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm.

  • CVE-2002-0976Sep 24, 2002
    risk 0.04cvss epss 0.14

    Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet.

  • CVE-2002-0723Sep 24, 2002
    risk 0.04cvss epss 0.15

    Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag."

  • CVE-2002-0982Sep 24, 2002
    risk 0.04cvss epss 0.08

    Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.

  • CVE-2002-1444Aug 15, 2002
    risk 0.04cvss epss 0.14

    The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the…

  • CVE-2002-0644Aug 12, 2002
    risk 0.04cvss epss 0.11

    Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.

  • CVE-2002-0642Jul 23, 2002
    risk 0.04cvss epss 0.50

    The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Permission on SQL Server Service…

  • CVE-2002-0187Jul 3, 2002
    risk 0.04cvss epss 0.14

    Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."

  • CVE-2002-0189May 29, 2002
    risk 0.04cvss epss 0.14

    Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.

  • CVE-2002-0153Apr 22, 2002
    risk 0.04cvss epss 0.18

    Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability.

  • CVE-2002-0150Apr 22, 2002
    risk 0.04cvss epss 0.49

    Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.

  • CVE-2001-1489Dec 31, 2001
    risk 0.04cvss epss 0.18

    Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.

  • CVE-2001-0877Dec 20, 2001
    risk 0.04cvss epss 0.44

    Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or…

  • CVE-2001-0909Nov 21, 2001
    risk 0.04cvss epss 0.18

    Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.

  • CVE-2001-0664Oct 30, 2001
    risk 0.04cvss epss 0.18

    Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone…

  • CVE-2001-0507Sep 20, 2001
    risk 0.04cvss epss 0.09

    IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.

  • CVE-2001-0643Sep 20, 2001
    risk 0.04cvss epss 0.10

    Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type.

  • CVE-2000-1200Aug 31, 2001
    risk 0.04cvss epss 0.48

    Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.

  • CVE-2001-0336Jun 27, 2001
    risk 0.04cvss epss 0.16

    The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.

  • CVE-2001-0150Jun 2, 2001
    risk 0.04cvss epss 0.18

    Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which…

  • CVE-2001-0324May 3, 2001
    risk 0.04cvss epss 0.15

    Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash.

  • CVE-2001-0152May 3, 2001
    risk 0.04cvss epss 0.09

    The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the compressed folders.

  • CVE-2001-0089Feb 16, 2001
    risk 0.04cvss epss 0.14

    Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.

  • CVE-2001-0028Feb 12, 2001
    risk 0.04cvss epss 0.07

    Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters.

  • CVE-2000-1147Jan 9, 2001
    risk 0.04cvss epss 0.08

    Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag.

  • CVE-2000-1112Jan 9, 2001
    risk 0.04cvss epss 0.14

    Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability.

  • CVE-2000-1105Jan 9, 2001
    risk 0.04cvss epss 0.10

    The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.

  • CVE-2000-1039Jan 9, 2001
    risk 0.04cvss epss 0.46

    Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of…

  • CVE-2001-0162Jan 1, 2001
    risk 0.04cvss epss 0.15

    WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.

  • CVE-2000-0970Dec 19, 2000
    risk 0.04cvss epss 0.46

    IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability.

  • CVE-2000-0929Dec 19, 2000
    risk 0.04cvss epss 0.14

    Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.

  • CVE-2000-1061Dec 11, 2000
    risk 0.04cvss epss 0.10

    Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the…

  • CVE-2000-0851Nov 14, 2000
    risk 0.04cvss epss 0.08

    Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.

Page 217 of 287