Vulnerabilities > Microsoft > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-07-26 | CVE-2002-0369 | Buffer Overflow vulnerability in Microsoft .Net Framework 1.0 Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode. | 10.0 |
2002-03-08 | CVE-2002-0018 | Privilege Escalation vulnerability in Microsoft Windows 2000 and Windows NT In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain. | 10.0 |
2001-08-14 | CVE-2001-0538 | Unspecified vulnerability in Microsoft Outlook Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page. | 10.0 |
2001-07-21 | CVE-2001-0500 | Buffer Overflow vulnerability in Microsoft products Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. | 10.0 |
2001-06-27 | CVE-2001-0241 | Buffer Overflow vulnerability in Microsoft IIS 5.0 .printer ISAPI Extension Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. | 10.0 |
2001-05-03 | CVE-2001-0147 | Unspecified vulnerability in Microsoft Windows 2000 Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | 10.0 |
2001-02-16 | CVE-2001-0045 | Unspecified vulnerability in Microsoft Windows NT 4.0/Terminalserver The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. | 10.0 |
2001-01-09 | CVE-2000-1089 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | 10.0 |
2000-12-11 | CVE-2000-1034 | Unspecified vulnerability in Microsoft Windows 2000 Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability. | 10.0 |
2000-11-14 | CVE-2000-0854 | Unspecified vulnerability in Microsoft Office 2000 When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document. | 10.0 |