Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-03-01 | CVE-2000-0201 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.01 The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. | 5.1 |
2000-02-29 | CVE-2000-0216 | Unspecified vulnerability in Microsoft Exchange Server, Outlook and Windows Messaging Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | 5.0 |
2000-02-23 | CVE-2000-0211 | Unspecified vulnerability in Microsoft Windows Media Services 4.0/4.1 The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the "Misordered Windows Media Services Handshake" vulnerability. | 5.0 |
2000-02-18 | CVE-2000-0162 | Unspecified vulnerability in Microsoft IE, Internet Explorer and Visual Studio The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | 5.1 |
2000-02-18 | CVE-2000-0161 | Unspecified vulnerability in Microsoft Site Server 3.0 Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands. | 7.5 |
2000-02-16 | CVE-2000-0156 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. | 5.1 |
2000-02-15 | CVE-2000-0167 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. | 2.1 |
2000-02-14 | CVE-2000-0197 | Unspecified vulnerability in Microsoft Windows NT 4.0 The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | 4.6 |
2000-02-04 | CVE-2000-0129 | Unspecified vulnerability in Microsoft Windows 95, Windows 98 and Windows NT Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | 2.1 |
2000-02-03 | CVE-2000-0122 | Unspecified vulnerability in Microsoft Frontpage 2000/98 Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program. | 5.0 |