Microsoft

All CVEs

14,175 total · sorted by risk
  • CVE-2002-0643 · Jul 23, 2002
    risk 0.00 · cvss · epss 0.02

    The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain…

  • CVE-2002-0615 · Jul 3, 2002
    risk 0.00 · cvss · epss 0.06

    The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".

  • CVE-2002-0366 · Jul 3, 2002
    risk 0.00 · cvss · epss 0.03

    Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

  • CVE-2002-0373 · Jul 3, 2002
    risk 0.00 · cvss · epss 0.02

    The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through…

  • CVE-2002-0340 · Jun 25, 2002
    risk 0.00 · cvss · epss 0.04

    Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via…

  • CVE-2002-0151 · Apr 4, 2002
    risk 0.00 · cvss · epss 0.04

    Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.

  • CVE-2002-0024 · Mar 8, 2002
    risk 0.00 · cvss · epss 0.04

    File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.

  • CVE-2001-1517 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.02

    RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes…

  • CVE-2001-1497 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.02

    Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a…

  • CVE-2001-1570 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.02

    Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.

  • CVE-2001-1218 · Dec 20, 2001
    risk 0.00 · cvss · epss 0.01

    Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window.

  • CVE-2001-1219 · Dec 20, 2001
    risk 0.00 · cvss · epss 0.06

    Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location.

  • CVE-2001-1200 · Dec 17, 2001
    risk 0.00 · cvss · epss 0.02

    Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.

  • CVE-2001-0720 · Dec 6, 2001
    risk 0.00 · cvss · epss 0.02

    Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled.

  • CVE-2001-0860 · Dec 6, 2001
    risk 0.00 · cvss · epss 0.05

    Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).

  • CVE-2001-0919 · Nov 26, 2001
    risk 0.00 · cvss · epss 0.03

    Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript.

  • CVE-2001-0666 · Oct 30, 2001
    risk 0.00 · cvss · epss 0.02

    Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.

  • CVE-2001-0544 · Oct 30, 2001
    risk 0.00 · cvss · epss 0.02

    IIS 5.0 allows local users to cause a denial of service (hang) by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table.

  • CVE-2001-0712 · Oct 30, 2001
    risk 0.00 · cvss · epss 0.06

    The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text…

  • CVE-2001-0547 · Sep 20, 2001
    risk 0.00 · cvss · epss 0.02

    Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion).

  • CVE-2001-0628 · Aug 14, 2001
    risk 0.00 · cvss · epss 0.02

    Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user.

  • CVE-2001-1288 · Jul 27, 2001
    risk 0.00 · cvss · epss 0.06

    Windows 2000 and Windows NT allow local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and Enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.

  • CVE-2001-0502 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.02

    Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.

  • CVE-2001-0501 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.02

    Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner.

  • CVE-2001-0351 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.02

    Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.

  • CVE-2001-0350 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.01

    Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second…

  • CVE-2001-0349 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.02

    Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of…

  • CVE-2001-0346 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.06

    Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.

  • CVE-2001-0344 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.02

    An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account.

  • CVE-2001-1302 · Jul 18, 2001
    risk 0.00 · cvss · epss 0.01

    The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the…

  • CVE-2001-1244 · Jul 7, 2001
    risk 0.00 · cvss · epss 0.35

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that…

  • CVE-2001-0246 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.06

    Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the…

  • CVE-2001-0240 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.01

    Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.

  • CVE-2001-0338 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.05

    Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

  • CVE-2001-0332 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.06

    Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using…

  • CVE-2001-0337 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.05

    The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.

  • CVE-2001-0373 · Jun 18, 2001
    risk 0.00 · cvss · epss 0.03

    The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.

  • CVE-2001-0261 · Jun 2, 2001
    risk 0.00 · cvss · epss 0.03

    Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.

  • CVE-2001-0281 · May 3, 2001
    risk 0.00 · cvss · epss 0.05

    Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.

  • CVE-2001-0016 · Mar 12, 2001
    risk 0.00 · cvss · epss 0.02

    NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.

  • CVE-2001-0015 · Mar 12, 2001
    risk 0.00 · cvss · epss 0.04

    Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.

  • CVE-2001-0090 · Feb 16, 2001
    risk 0.00 · cvss · epss 0.04

    The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability.

  • CVE-2001-0047 · Feb 16, 2001
    risk 0.00 · cvss · epss 0.06

    The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allow local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities.

  • CVE-2001-0091 · Feb 16, 2001
    risk 0.00 · cvss · epss 0.05

    The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability.

  • CVE-2001-0046 · Feb 16, 2001
    risk 0.00 · cvss · epss 0.05

    The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allow remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.

  • CVE-2001-0005 · Feb 12, 2001
    risk 0.00 · cvss · epss 0.02

    Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands.

  • CVE-2001-0048 · Feb 12, 2001
    risk 0.00 · cvss · epss 0.02

    The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password"…

  • CVE-2000-1139 · Jan 9, 2001
    risk 0.00 · cvss · epss 0.05

    The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability.

  • CVE-2000-1082 · Jan 9, 2001
    risk 0.00 · cvss · epss 0.03

    The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a…

  • CVE-2000-1088 · Jan 9, 2001
    risk 0.00 · cvss · epss 0.03

    The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to…
