Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
2000-07-11 CVE-2000-0654 Unspecified vulnerability in Microsoft SQL Server 7.0
Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability.
local
low complexity
microsoft
4.6
2000-07-07 CVE-2000-0603 Unspecified vulnerability in Microsoft SQL Server 7.0
Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referencing them via a temporary stored procedure, aka the "Stored Procedure Permissions" vulnerability.
local
low complexity
microsoft
4.6
2000-07-01 CVE-1999-0585 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
A Windows NT administrator account has the default name of Administrator.
local
low complexity
microsoft
2.1
2000-06-15 CVE-2000-0475 Unspecified vulnerability in Microsoft Windows 2000
Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.
local
low complexity
microsoft
4.6
2000-06-08 CVE-2000-0377 Unspecified vulnerability in Microsoft Windows NT 4.0
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
network
low complexity
microsoft
5.0
2000-06-06 CVE-2000-0503 Unspecified vulnerability in Microsoft Internet Explorer
The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.
network
high complexity
microsoft
2.6
2000-06-05 CVE-2000-0544 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length.
network
low complexity
microsoft
5.0
2000-06-05 CVE-2000-0524 Unspecified vulnerability in Microsoft Exchange Server and Outlook
Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From.
network
low complexity
microsoft
5.0
2000-06-05 CVE-2000-0519 Unspecified vulnerability in Microsoft IE and Internet Explorer
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
network
high complexity
microsoft
2.6
2000-06-05 CVE-2000-0518 Unspecified vulnerability in Microsoft IE and Internet Explorer
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.
network
high complexity
microsoft
2.6