Vulnerabilities > Microsoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-09-24 | CVE-2002-0977 | Unspecified vulnerability in Microsoft File Transfer Manager Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value. | 7.5 |
| 2002-09-24 | CVE-2002-0975 | Remote Buffer Overflow vulnerability in Microsoft DirectX Files Viewer ActiveX Control Buffer overflow in Microsoft DirectX Files Viewer ActiveX control (xweb.ocx) 2.0.6.15 and earlier allows remote attackers to execute arbitrary via a long File parameter. | 7.5 |
| 2002-09-24 | CVE-2002-0861 | Information Disclosure vulnerability in Microsoft Office web Components and Project Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object. | 7.5 |
| 2002-09-24 | CVE-2002-0727 | Unspecified vulnerability in Microsoft Office web Components and Project The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method. | 7.5 |
| 2002-09-24 | CVE-2002-0726 | Buffer Overflow vulnerability in Microsoft TSAC ActiveX Control Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field. | 7.5 |
| 2002-09-24 | CVE-2002-0724 | Unspecified vulnerability in Microsoft Windows 2000, Windows NT and Windows XP Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". | 7.5 |
| 2002-09-24 | CVE-2002-0723 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag." | 7.5 |
| 2002-09-24 | CVE-2002-0722 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing." | 7.5 |
| 2002-09-24 | CVE-2002-0691 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5 Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. | 7.5 |
| 2002-09-24 | CVE-2002-0647 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Buffer overflow in a legacy ActiveX control used to display specially formatted text in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code, aka "Buffer Overrun in Legacy Text Formatting ActiveX Control". | 7.5 |