Vulnerabilities > Microsoft > Windows 2000 > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-25 | CVE-2008-1092 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Word Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. | 9.3 |
| 2008-02-12 | CVE-2007-0065 | Code Injection vulnerability in Microsoft Office and Visual Basic Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. | 10.0 |
| 2007-12-12 | CVE-2007-0064 | Buffer Errors vulnerability in Microsoft products Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | 9.3 |
| 2007-12-12 | CVE-2007-3039 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Message Queuing Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. | 9.0 |
| 2007-12-12 | CVE-2007-3895 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file. | 9.3 |
| 2007-11-20 | CVE-2007-6026 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. | 9.3 |
| 2007-10-09 | CVE-2007-2217 | Code Injection vulnerability in Kodak Image Viewer Kodak Image Viewer in Microsoft Windows 2000 SP4, and in some cases XP SP2 and Server 2003 SP1 and SP2, allows remote attackers to execute arbitrary code via crafted image files that trigger memory corruption, as demonstrated by a certain .tif (TIFF) file. | 9.3 |
| 2007-09-12 | CVE-2007-3040 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows 2000 Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205. | 9.3 |
| 2007-08-14 | CVE-2007-2224 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Visual Basic Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow. | 9.3 |
| 2007-08-14 | CVE-2007-3034 | Numeric Errors vulnerability in Microsoft products Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow. | 9.3 |