Vulnerabilities > Microsoft > Windows 2000
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-04-20 | CVE-2000-0331 | Unspecified vulnerability in Microsoft Terminal Server, Windows 2000 and Windows NT Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability. | 5.0 |
| 2000-04-20 | CVE-2000-0311 | Unspecified vulnerability in Microsoft Windows 2000 The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability. | 2.1 |
| 2000-04-14 | CVE-2000-1218 | Origin Validation Error vulnerability in Microsoft products The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. | 9.8 |
| 2000-04-07 | CVE-2000-0298 | Unspecified vulnerability in Microsoft Windows 2000 The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories. | 7.2 |
| 2000-03-30 | CVE-2000-0232 | Unspecified vulnerability in Microsoft Terminal Server, Windows 2000 and Windows NT Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. | 2.1 |
| 2000-01-20 | CVE-1999-0595 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | 2.1 |
| 1999-12-31 | CVE-1999-1358 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | 4.6 |
| 1999-12-01 | CVE-1999-0819 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. | 5.0 |
| 1999-01-05 | CVE-1999-0391 | Unspecified vulnerability in Microsoft Terminal Server, Windows 2000 and Windows NT The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. | 7.5 |
| 1999-01-01 | CVE-1999-0384 | Unspecified vulnerability in Microsoft products The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | 4.6 |