Vulnerabilities > Microsoft > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
1999-12-29 | CVE-2000-0100 | Unspecified vulnerability in Microsoft Systems Management Server 2.0 The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program. | 7.2 |
1999-12-13 | CVE-1999-0993 | Improper Initialization vulnerability in Microsoft Exchange Server 5.0/5.5 Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. | 7.5 |
1999-12-06 | CVE-1999-0989 | Unspecified vulnerability in Microsoft IE 5/5.0 Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. | 7.5 |
1999-11-12 | CVE-2000-0330 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability. | 7.6 |
1999-11-01 | CVE-1999-0354 | Unspecified vulnerability in Microsoft Internet Explorer and Word Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. | 7.5 |
1999-10-21 | CVE-2000-0327 | Unspecified vulnerability in Microsoft Virtual Machine 2000/3000 Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability. | 7.6 |
1999-09-24 | CVE-1999-1484 | Buffer Overflow vulnerability in Microsoft MSN Setup Bulletin Board Services 4.71.0.10 Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured. | 7.5 |
1999-08-20 | CVE-2000-0325 | Unspecified vulnerability in Microsoft JET 3.5/3.5.1 The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability. | 7.2 |
1999-06-28 | CVE-1999-1365 | Unspecified vulnerability in Microsoft Windows NT Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | 7.2 |
1999-04-21 | CVE-1999-0490 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/5.0 MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag. | 7.5 |