Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2324 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows XP The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify registry settings. | 7.2 |
| 2002-12-31 | CVE-2002-2311 | Permissions, Privileges, and Access Controls vulnerability in multiple products Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. | 6.4 |
| 2002-12-31 | CVE-2002-2283 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows XP Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privilege when the user is removed from the administrator group, which allows that user to view processes of other users. | 1.9 |
| 2002-12-31 | CVE-2002-2202 | Local Security vulnerability in Microsoft Outlook Express 6.0 Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email. | 3.8 |
| 2002-12-31 | CVE-2002-2189 | Cross-Site Scripting vulnerability in Activwebserver Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link. | 5.1 |
| 2002-12-31 | CVE-2002-2185 | Denial Of Service vulnerability in Multiple Vendor Spoofed IGMP Report The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | 4.9 |
| 2002-12-31 | CVE-2002-2164 | Denial of Service vulnerability in Alleged Outlook Express Link Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link. | 5.0 |
| 2002-12-31 | CVE-2002-2132 | Unspecified vulnerability in Microsoft Windows 2000 and Windows XP Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | 2.1 |
| 2002-12-31 | CVE-2002-2125 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack. | 6.4 |
| 2002-12-31 | CVE-2002-2105 | Denial of Service vulnerability in Microsoft Windows XP .Manifest Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | 2.1 |