Vulnerabilities > Microsoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-06-27 | CVE-2001-0334 | Incorrect Calculation of Buffer Size vulnerability in Microsoft Internet Information Server FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | 7.5 |
| 2001-06-27 | CVE-2001-0333 | Unspecified vulnerability in Microsoft Internet Information Server Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. | 7.5 |
| 2001-06-27 | CVE-2001-0244 | Buffer Overflow vulnerability in Microsoft Index Server 2.0 Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter. | 7.5 |
| 2001-06-27 | CVE-2001-0242 | Buffer Overflow vulnerability in Microsoft Windows Media Player 6.3/6.4/7 Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090. | 7.5 |
| 2001-06-02 | CVE-2001-0148 | Unspecified vulnerability in Microsoft Windows Media Player 7 The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. | 7.5 |
| 2001-05-03 | CVE-2001-0281 | Local Security vulnerability in Microsoft Windows NT Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges. | 7.2 |
| 2001-05-03 | CVE-2001-0154 | Unspecified vulnerability in Microsoft Internet Explorer HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. | 7.5 |
| 2001-05-03 | CVE-2001-0153 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Visual Basic and Visual Studio Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. | 7.5 |
| 2001-05-03 | CVE-2001-0145 | Unspecified vulnerability in Microsoft Outlook and Outlook Express Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field. | 7.5 |
| 2001-03-12 | CVE-2001-0016 | Unspecified vulnerability in Microsoft Windows NT NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. | 7.2 |