Vulnerabilities > Microsoft > Windows 2000
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-27 | CVE-2006-5559 | Improper Input Validation vulnerability in Microsoft Data Access Components 2.5/2.7/2.8 The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments. | 9.3 |
| 2006-10-10 | CVE-2006-4696 | Code Injection vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unspecified vulnerability in the Server service in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to execute arbitrary code via a crafted packet, aka "SMB Rename Vulnerability." | 9.0 |
| 2006-09-12 | CVE-2006-0032 | Cross-Site Scripting vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an error message whose charset is set to UTF-7. | 4.3 |
| 2006-08-09 | CVE-2006-3648 | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception." | 7.6 |
| 2006-08-09 | CVE-2006-3443 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 2000 Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability." | 7.2 |
| 2006-08-09 | CVE-2006-3441 | Buffer Overrun vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. | 10.0 |
| 2006-08-09 | CVE-2006-3440 | Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability." | 10.0 |
| 2006-08-09 | CVE-2006-3439 | Remote Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314. | 10.0 |
| 2006-08-09 | CVE-2006-3444 | Local Privilege Escalation vulnerability in Microsoft Windows 2000 Kernel Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer." | 7.5 |
| 2006-07-31 | CVE-2006-3942 | Improper Input Validation vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. | 7.8 |