Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
2001-06-02 CVE-2001-0146 Invalid URL Request DoS vulnerability in Microsoft IIS
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's.
network
low complexity
microsoft
5.0
2001-05-24 CVE-2001-1347 Unspecified vulnerability in Microsoft Windows 2000
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes.
local
low complexity
microsoft
4.6
2001-05-11 CVE-2001-1450 Unspecified vulnerability in Microsoft Internet Explorer
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./".
network
high complexity
microsoft
2.6
2001-05-03 CVE-2001-0324 Unspecified vulnerability in Microsoft Windows 2000 and Windows 98
Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash.
network
high complexity
microsoft
2.6
2001-05-03 CVE-2001-0281 Local Security vulnerability in Microsoft Windows NT
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
local
low complexity
microsoft
7.2
2001-05-03 CVE-2001-0154 Unspecified vulnerability in Microsoft Internet Explorer
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
network
low complexity
microsoft
7.5
2001-05-03 CVE-2001-0153 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Visual Basic and Visual Studio
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.
network
low complexity
microsoft CWE-119
7.5
2001-05-03 CVE-2001-0152 Unspecified vulnerability in Microsoft Plus
The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the compressed folders.
local
low complexity
microsoft
2.1
2001-05-03 CVE-2001-0147 Unspecified vulnerability in Microsoft Windows 2000
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.
network
low complexity
microsoft
critical
10.0
2001-05-03 CVE-2001-0145 Unspecified vulnerability in Microsoft Outlook and Outlook Express
Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.
network
low complexity
microsoft
7.5