VYPR

Vendor CVEs

Microsoft

All CVEs

14,175 total · sorted by risk
  • CVE-2004-0211Nov 3, 2004
    risk 0.00cvss epss 0.02

    The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program.

  • CVE-2004-0207Nov 3, 2004
    risk 0.00cvss epss 0.02

    "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of…

  • CVE-2004-0208Nov 3, 2004
    risk 0.00cvss epss 0.02

    The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly…

  • CVE-2004-0928Oct 5, 2004
    risk 0.00cvss epss 0.04

    The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".

  • CVE-2004-1649Aug 31, 2004
    risk 0.00cvss epss 0.02

    Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.

  • CVE-2004-0205Aug 6, 2004
    risk 0.00cvss epss 0.24

    Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.

  • CVE-2004-0540Aug 6, 2004
    risk 0.00cvss epss 0.05

    Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.

  • CVE-2004-0719Jul 27, 2004
    risk 0.00cvss epss 0.05

    Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the…

  • CVE-2004-0115Mar 3, 2004
    risk 0.00cvss epss 0.02

    VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file.

  • CVE-2004-2091Feb 10, 2004
    risk 0.00cvss epss 0.03

    Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.

  • CVE-2002-0034Feb 3, 2004
    risk 0.00cvss epss 0.02

    The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected.

  • CVE-2003-1306Dec 31, 2003
    risk 0.00cvss epss 0.01

    Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response.

  • CVE-2003-1482Dec 31, 2003
    risk 0.00cvss epss 0.01

    The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access.

  • CVE-2003-1107Dec 31, 2003
    risk 0.00cvss epss 0.05

    The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions.

  • CVE-2003-1106Dec 31, 2003
    risk 0.00cvss epss 0.02

    The SMTP service in Microsoft Windows 2000 before SP4 allows remote attackers to cause a denial of service (crash or hang) via an e-mail message with a malformed time stamp in the FILETIME attribute.

  • CVE-2003-1392Dec 31, 2003
    risk 0.00cvss epss 0.01

    CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.

  • CVE-2003-0897Nov 17, 2003
    risk 0.00cvss epss 0.02

    "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications.

  • CVE-2003-0664Oct 20, 2003
    risk 0.00cvss epss 0.04

    Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.

  • CVE-2003-0230Aug 27, 2003
    risk 0.00cvss epss 0.02

    Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.

  • CVE-2003-0350Aug 18, 2003
    risk 0.00cvss epss 0.02

    The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a…

  • CVE-2003-0301Jun 16, 2003
    risk 0.00cvss epss 0.06

    The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.

  • CVE-2003-0300Jun 16, 2003
    risk 0.00cvss epss 0.03

    The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.

  • CVE-2003-0112May 12, 2003
    risk 0.00cvss epss 0.02

    Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.

  • CVE-2003-0007Feb 7, 2003
    risk 0.00cvss epss 0.04

    Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to…

  • CVE-2002-2401Dec 31, 2002
    risk 0.00cvss epss 0.02

    NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.

  • CVE-2002-1876Dec 31, 2002
    risk 0.00cvss epss 0.05

    Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.

  • CVE-2002-1824Dec 31, 2002
    risk 0.00cvss epss 0.03

    Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE:…

  • CVE-2002-2185Dec 31, 2002
    risk 0.00cvss epss 0.02

    The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively…

  • CVE-2002-2189Dec 31, 2002
    risk 0.00cvss epss 0.07

    Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link.

  • CVE-2002-1981Dec 31, 2002
    risk 0.00cvss epss 0.05

    Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings.

  • CVE-2002-2324Dec 31, 2002
    risk 0.00cvss epss 0.02

    The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify…

  • CVE-2002-1670Dec 31, 2002
    risk 0.00cvss epss 0.01

    Microsoft Windows XP Professional upgrade edition overwrites previously installed patches for Internet Explorer 6.0, leaving Internet Explorer unpatched.

  • CVE-2002-1749Dec 31, 2002
    risk 0.00cvss epss 0.01

    Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.

  • CVE-2002-2202Dec 31, 2002
    risk 0.00cvss epss 0.01

    Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.

  • CVE-2002-2028Dec 31, 2002
    risk 0.00cvss epss 0.02

    The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.

  • CVE-2002-2283Dec 31, 2002
    risk 0.00cvss epss 0.02

    Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privilege when the user is removed from the administrator group, which allows that user to view processes of other users.

  • CVE-2002-1692Dec 31, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.

  • CVE-2002-2132Dec 31, 2002
    risk 0.00cvss epss 0.02

    Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.

  • CVE-2002-1933Dec 31, 2002
    risk 0.00cvss epss 0.02

    The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window.

  • CVE-2002-1256Dec 23, 2002
    risk 0.00cvss epss 0.05

    The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection,…

  • CVE-2002-1184Nov 12, 2002
    risk 0.00cvss epss 0.02

    The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other…

  • CVE-2002-1150Oct 11, 2002
    risk 0.00cvss epss 0.04

    The Remote Desktop Sharing (RDS) Screen Saver Protection capability for Microsoft NetMeeting 3.01 through SP2 (4.4.3396) allows attackers with physical access to hijack remote sessions by entering certain logoff or shutdown sequences (such as CTRL-ALT-DEL) and canceling out of…

  • CVE-2002-1138Oct 11, 2002
    risk 0.00cvss epss 0.05

    Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka…

  • CVE-2002-1139Oct 11, 2002
    risk 0.00cvss epss 0.04

    The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka…

  • CVE-2002-0720Sep 5, 2002
    risk 0.00cvss epss 0.02

    A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.

  • CVE-2002-0507Aug 12, 2002
    risk 0.00cvss epss 0.02

    An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually…

  • CVE-2002-0815Aug 12, 2002
    risk 0.00cvss epss 0.04

    The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted…

  • CVE-2002-0645Aug 12, 2002
    risk 0.00cvss epss 0.04

    SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.

  • CVE-2002-0718Aug 12, 2002
    risk 0.00cvss epss 0.06

    Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."

  • CVE-2002-0443Jul 26, 2002
    risk 0.00cvss epss 0.02

    Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords.

Page 280 of 284