Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-05-10 | CVE-2000-0304 | Unspecified vulnerability in Microsoft products Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. | 5.0 |
2000-05-06 | CVE-2000-0413 | Path Disclosure vulnerability in Microsoft products The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path. | 5.0 |
2000-05-02 | CVE-2000-0347 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. | 5.0 |
2000-04-20 | CVE-2000-0331 | Unspecified vulnerability in Microsoft Terminal Server, Windows 2000 and Windows NT Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability. | 5.0 |
2000-04-20 | CVE-2000-0311 | Unspecified vulnerability in Microsoft Windows 2000 The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability. | 2.1 |
2000-04-19 | CVE-2000-0256 | Buffer Overflow vulnerability in Microsoft Frontpage, Personal web Server and Windows NT Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability. | 7.5 |
2000-04-14 | CVE-2000-1218 | Origin Validation Error vulnerability in Microsoft products The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. | 9.8 |
2000-04-14 | CVE-2000-0260 | Unspecified vulnerability in Microsoft Frontpage and Visual Interdev Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability. | 7.5 |
2000-04-12 | CVE-2000-0259 | Unspecified vulnerability in Microsoft Terminal Server and Windows NT The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users. | 7.2 |
2000-04-12 | CVE-2000-0258 | Improper Input Validation vulnerability in Microsoft products IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. | 5.0 |