Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-01-10 | CVE-2000-0081 | Unspecified vulnerability in Microsoft Hotmail Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. | 10.0 |
2000-01-07 | CVE-2000-0061 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading. | 10.0 |
2000-01-04 | CVE-2000-0085 | Unspecified vulnerability in Microsoft Hotmail Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | 7.5 |
1999-12-31 | CVE-1999-1591 | Authentication vulnerability in Microsoft VisualInterDev 6.0 - IIS4- Management With No Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | 7.5 |
1999-12-31 | CVE-1999-1474 | Unspecified vulnerability in Microsoft Powerpoint 95/97 PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer. | 7.5 |
1999-12-31 | CVE-1999-1473 | Unspecified vulnerability in Microsoft Internet Explorer 3.0.2/4.0 When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." | 5.0 |
1999-12-31 | CVE-1999-1472 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | 5.0 |
1999-12-31 | CVE-1999-1455 | Unspecified vulnerability in Microsoft Windows NT RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host. | 7.5 |
1999-12-31 | CVE-1999-1452 | Unspecified vulnerability in Microsoft Windows NT 4.0 GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | 2.1 |
1999-12-31 | CVE-1999-1451 | Unspecified vulnerability in Microsoft Internet Information Server and Site Server The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files. | 5.0 |