Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-11-03 | CVE-2004-0847 | Path Traversal vulnerability in Microsoft Asp.Net 1.0/1.1 The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability." | 9.8 |
| 2004-08-06 | CVE-2004-0213 | Missing Authentication for Critical Function vulnerability in Microsoft Windows 2000 Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908. | 7.8 |
| 2004-08-06 | CVE-2004-0210 | Classic Buffer Overflow vulnerability in Microsoft Interix, Windows 2000 and Windows NT The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow. | 7.8 |
| 2004-07-27 | CVE-2003-1048 | Double Free vulnerability in Microsoft products Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. | 7.8 |
| 2004-06-01 | CVE-2004-0119 | NULL Pointer Dereference vulnerability in Microsoft Windows 2000, Windows Server 2003 and Windows XP The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection. | 7.5 |
| 2002-12-31 | CVE-2002-1872 | Inadequate Encryption Strength vulnerability in Microsoft SQL Server Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password. | 7.5 |
| 2002-12-31 | CVE-2002-1844 | Incorrect Default Permissions vulnerability in Microsoft Windows Media Player 6.3 Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | 7.8 |
| 2002-12-31 | CVE-2002-1745 | Off-by-one Error vulnerability in Microsoft Internet Information Services 5.0 Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files. | 7.5 |
| 2002-09-05 | CVE-2002-0725 | Link Following vulnerability in Microsoft Windows 2000 and Windows NT NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file. | 5.5 |
| 2002-08-12 | CVE-2002-0391 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | 9.8 |