Vulnerabilities > Microsoft > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-03-08 | CVE-2002-0026 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made. | 7.5 |
2002-03-08 | CVE-2002-0024 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download. | 7.5 |
2002-03-08 | CVE-2002-0022 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated. | 7.5 |
2002-03-08 | CVE-2002-0020 | Buffer Overflow vulnerability in Microsoft Telnet Server Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options. | 7.5 |
2002-01-13 | CVE-2002-0077 | Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability. | 7.5 |
2001-12-31 | CVE-2001-1547 | Remote Security vulnerability in Microsoft Outlook Express 6.0 Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code. | 7.5 |
2001-12-31 | CVE-2001-1515 | Improper Preservation of Permissions vulnerability in Microsoft Windows 2000 Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended. | 7.5 |
2001-12-20 | CVE-2001-0876 | Buffer Overflow vulnerability in Microsoft UPnP NOTIFY Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. | 7.5 |
2001-12-20 | CVE-2001-0542 | Buffer Overflow vulnerability in Microsoft SQL-Server 2000/7.0 Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. | 7.5 |
2001-12-17 | CVE-2001-1200 | Unspecified vulnerability in Microsoft Windows XP Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys. | 7.2 |