Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-01-20 | CVE-1999-0595 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | 2.1 |
| 2000-01-11 | CVE-2000-0071 | Unspecified vulnerability in Microsoft products IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. | 5.0 |
| 2000-01-10 | CVE-2000-0081 | Unspecified vulnerability in Microsoft Hotmail Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. | 10.0 |
| 2000-01-07 | CVE-2000-0061 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading. | 10.0 |
| 2000-01-04 | CVE-2000-0085 | Unspecified vulnerability in Microsoft Hotmail Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | 7.5 |
| 1999-12-31 | CVE-1999-1591 | Authentication vulnerability in Microsoft VisualInterDev 6.0 - IIS4- Management With No Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | 7.5 |
| 1999-12-31 | CVE-1999-1474 | Unspecified vulnerability in Microsoft Powerpoint 95/97 PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer. | 7.5 |
| 1999-12-31 | CVE-1999-1473 | Unspecified vulnerability in Microsoft Internet Explorer 3.0.2/4.0 When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." | 5.0 |
| 1999-12-31 | CVE-1999-1472 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | 5.0 |
| 1999-12-31 | CVE-1999-1455 | Unspecified vulnerability in Microsoft Windows NT RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host. | 7.5 |