Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-03-08 | CVE-2000-0202 | Unspecified vulnerability in Microsoft Data Engine and SQL Server Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query. | 7.5 |
| 2000-03-06 | CVE-2000-0200 | Unspecified vulnerability in Microsoft Clip Art, Greetings and Home Publishing Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability. | 5.1 |
| 2000-03-01 | CVE-2000-0201 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.01 The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. | 5.1 |
| 2000-02-29 | CVE-2000-0216 | Unspecified vulnerability in Microsoft Exchange Server, Outlook and Windows Messaging Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | 5.0 |
| 2000-02-23 | CVE-2000-0211 | Unspecified vulnerability in Microsoft Windows Media Services 4.0/4.1 The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the "Misordered Windows Media Services Handshake" vulnerability. | 5.0 |
| 2000-02-18 | CVE-2000-0162 | Unspecified vulnerability in Microsoft IE, Internet Explorer and Visual Studio The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | 5.1 |
| 2000-02-18 | CVE-2000-0161 | Unspecified vulnerability in Microsoft Site Server 3.0 Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands. | 7.5 |
| 2000-02-16 | CVE-2000-0156 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. | 5.1 |
| 2000-02-15 | CVE-2000-0167 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. | 2.1 |
| 2000-02-14 | CVE-2000-0197 | Unspecified vulnerability in Microsoft Windows NT 4.0 The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | 4.6 |