Vulnerabilities > Microsoft > Windows 2000 > Critical

DATE CVE VULNERABILITY TITLE RISK
2007-07-10 CVE-2007-0040 Remote Code Execution vulnerability in Microsoft Windows 2000 and Windows 2003 Server
The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4, Server 2003 SP1 and SP2, Server 2003 x64 Edition and SP2, and Server 2003 for Itanium-based Systems SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted LDAP request with an unspecified number of "convertible attributes."
network
low complexity
microsoft
critical
10.0
2007-07-10 CVE-2007-0041 Buffer Errors vulnerability in Microsoft .Net Framework 1.0/1.1/2.0
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.
network
microsoft CWE-119
critical
9.3
2007-07-10 CVE-2007-0043 Buffer Errors vulnerability in Microsoft .Net Framework 1.0/1.1/2.0
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a buffer overflow, aka ".NET JIT Compiler Vulnerability".
network
microsoft CWE-119
critical
9.3
2007-06-12 CVE-2007-2219 Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via certain parameters to an unspecified function.
network
microsoft
critical
9.3
2007-06-12 CVE-2007-2218 Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake.
network
microsoft
critical
9.3
2007-05-17 CVE-2007-2736 Remote File Include vulnerability in Achievo 1.1.0
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
network
low complexity
apple hp ibm linux microsoft santa-cruz-operation sun windriver achievo
critical
10.0
2007-04-30 CVE-2007-2374 Remote Code Execution vulnerability in Microsoft Windows
Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.
network
microsoft avaya
critical
9.3
2007-04-13 CVE-2007-1748 Buffer Errors vulnerability in Microsoft Windows 2000 and Windows 2003 Server
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.
network
low complexity
microsoft CWE-119
critical
10.0
2007-04-10 CVE-2007-1205 Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.
network
microsoft
critical
9.3
2007-03-30 CVE-2007-0038 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7.
network
microsoft CWE-119
critical
9.3