Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-09-07 | CVE-2001-1099 | Unrestricted Upload of File With Dangerous Type vulnerability in Symantec Norton Antivirus 2.5 The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice. | 5.0 |
| 2001-08-31 | CVE-2001-1452 | Origin Validation Error vulnerability in Microsoft Windows 2000 and Windows NT By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses. | 7.5 |
| 2001-08-31 | CVE-2000-1200 | Unspecified vulnerability in Microsoft Windows NT 4.0 Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | 5.0 |
| 2001-08-14 | CVE-2001-0628 | Unspecified vulnerability in Microsoft Word 2000 Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user. | 7.2 |
| 2001-08-14 | CVE-2001-0538 | Unspecified vulnerability in Microsoft Outlook Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page. | 10.0 |
| 2001-08-14 | CVE-2001-0504 | Authentication vulnerability in Microsoft Windows 2000 SMTP Improper Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying. | 7.5 |
| 2001-08-03 | CVE-2001-1122 | Unspecified vulnerability in Microsoft Windows NT 4.0 Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. | 2.1 |
| 2001-07-30 | CVE-2001-1055 | Denial of Service vulnerability in Windows ARP The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. | 5.0 |
| 2001-07-27 | CVE-2001-1288 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe. | 2.1 |
| 2001-07-21 | CVE-2001-0503 | Unspecified vulnerability in Microsoft Netmeeting 3.01 Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service via a malformed string to the NetMeeting service port, aka a variant of the "NetMeeting Desktop Sharing" vulnerability. | 5.0 |