Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-06-01 | CVE-2000-0487 | Unspecified vulnerability in Microsoft Windows 2000 The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability. | 3.6 |
2000-06-01 | CVE-1999-0590 | A system does not present an appropriate legal message or warning to a user who is accessing it. | 10.0 |
2000-05-30 | CVE-2000-0495 | Unspecified vulnerability in Microsoft Windows Media Services 4.0/4.1 Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability. | 5.0 |
2000-05-30 | CVE-2000-0485 | Unspecified vulnerability in Microsoft SQL Server 6.5/7.0 Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability. | 2.1 |
2000-05-30 | CVE-2000-0402 | Unspecified vulnerability in Microsoft SQL Server 7.0 The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. | 2.1 |
2000-05-25 | CVE-2000-0404 | Unspecified vulnerability in Microsoft products The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | 5.0 |
2000-05-25 | CVE-2000-0403 | Unspecified vulnerability in Microsoft Windows NT 4.0 The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. | 5.0 |
2000-05-19 | CVE-2000-0305 | Resource Management Errors vulnerability in multiple products Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability. | 7.8 |
2000-05-17 | CVE-2000-0465 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability. | 5.1 |
2000-05-17 | CVE-2000-0464 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. | 7.6 |