Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-05-03 | CVE-2001-0147 | Unspecified vulnerability in Microsoft Windows 2000 Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | 10.0 |
| 2001-05-03 | CVE-2001-0145 | Unspecified vulnerability in Microsoft Outlook and Outlook Express Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field. | 7.5 |
| 2001-03-12 | CVE-2001-0137 | Unspecified vulnerability in Microsoft Windows Media Player 7 Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability. | 5.1 |
| 2001-03-12 | CVE-2001-0017 | Unspecified vulnerability in Microsoft Windows NT Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. | 5.0 |
| 2001-03-12 | CVE-2001-0016 | Unspecified vulnerability in Microsoft Windows NT NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. | 7.2 |
| 2001-03-12 | CVE-2001-0015 | Unspecified vulnerability in Microsoft Windows 2000 Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | 7.2 |
| 2001-03-12 | CVE-1999-0681 | Unspecified vulnerability in Microsoft Frontpage and Personal web Server Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | 5.0 |
| 2001-02-16 | CVE-2001-0092 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.01/5.5 A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. | 2.6 |
| 2001-02-16 | CVE-2001-0091 | Unspecified vulnerability in Microsoft Internet Explorer The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. | 2.6 |
| 2001-02-16 | CVE-2001-0090 | Unspecified vulnerability in Microsoft Internet Explorer 5.5 The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability. | 5.1 |