Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-02-02 | CVE-2000-0114 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. | 5.0 |
2000-02-01 | CVE-2000-0105 | Unspecified vulnerability in Microsoft Outlook Express 5.0 Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | 5.0 |
2000-01-31 | CVE-2000-0132 | Information Exposure vulnerability in Microsoft Virtual Machine 2000/3000 Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | 2.6 |
2000-01-26 | CVE-2000-0126 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. | 5.0 |
2000-01-26 | CVE-2000-0098 | Unspecified vulnerability in Microsoft Index Server 2.0 Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist. | 5.0 |
2000-01-26 | CVE-2000-0097 | Unspecified vulnerability in Microsoft Index Server 2.0 The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability. | 5.0 |
2000-01-21 | CVE-2000-0115 | Unspecified vulnerability in Microsoft Internet Information Server IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page. | 5.0 |
2000-01-20 | CVE-2000-0088 | Unspecified vulnerability in Microsoft products Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability. | 7.2 |
2000-01-20 | CVE-1999-0595 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | 2.1 |
2000-01-11 | CVE-2000-0071 | Unspecified vulnerability in Microsoft products IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. | 5.0 |