Vulnerabilities > Microsoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-07-21 | CVE-2001-0002 | Unspecified vulnerability in Microsoft Internet Explorer and Windows Script Host Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | 7.5 |
| 2001-07-16 | CVE-2001-1238 | Improper Handling of Case Sensitivity vulnerability in Microsoft Windows 2000 Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager. | 7.8 |
| 2001-07-02 | CVE-2001-0239 | Unspecified vulnerability in Microsoft ISA Server 2000 Microsoft Internet Security and Acceleration (ISA) Server 2000 Web Proxy allows remote attackers to cause a denial of service via a long web request with a specific type. | 7.5 |
| 2001-07-02 | CVE-2001-0238 | Unspecified vulnerability in Microsoft products Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | 7.5 |
| 2001-06-27 | CVE-2001-0339 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." | 7.5 |
| 2001-06-27 | CVE-2001-0334 | Incorrect Calculation of Buffer Size vulnerability in Microsoft Internet Information Server FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | 7.5 |
| 2001-06-27 | CVE-2001-0333 | Unspecified vulnerability in Microsoft Internet Information Server Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. | 7.5 |
| 2001-06-27 | CVE-2001-0244 | Buffer Overflow vulnerability in Microsoft Index Server 2.0 Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter. | 7.5 |
| 2001-06-27 | CVE-2001-0242 | Buffer Overflow vulnerability in Microsoft Windows Media Player 6.3/6.4/7 Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090. | 7.5 |
| 2001-06-02 | CVE-2001-0148 | Unspecified vulnerability in Microsoft Windows Media Player 7 The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. | 7.5 |