Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
2000-06-01 CVE-2000-0487 Unspecified vulnerability in Microsoft Windows 2000
The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.
local
low complexity
microsoft
3.6
2000-06-01 CVE-1999-0590 A system does not present an appropriate legal message or warning to a user who is accessing it.
network
low complexity
microsoft linux apple
critical
10.0
2000-05-30 CVE-2000-0495 Unspecified vulnerability in Microsoft Windows Media Services 4.0/4.1
Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability.
network
low complexity
microsoft
5.0
2000-05-30 CVE-2000-0485 Unspecified vulnerability in Microsoft SQL Server 6.5/7.0
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
local
low complexity
microsoft
2.1
2000-05-30 CVE-2000-0402 Unspecified vulnerability in Microsoft SQL Server 7.0
The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.
local
low complexity
microsoft
2.1
2000-05-25 CVE-2000-0404 Unspecified vulnerability in Microsoft products
The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.
network
low complexity
microsoft
5.0
2000-05-25 CVE-2000-0403 Unspecified vulnerability in Microsoft Windows NT 4.0
The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability.
network
low complexity
microsoft
5.0
2000-05-19 CVE-2000-0305 Resource Management Errors vulnerability in multiple products
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
network
low complexity
be microsoft CWE-399
7.8
2000-05-17 CVE-2000-0465 Unspecified vulnerability in Microsoft Internet Explorer
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
network
high complexity
microsoft
5.1
2000-05-17 CVE-2000-0464 Unspecified vulnerability in Microsoft Internet Explorer
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability.
network
high complexity
microsoft
7.6