Vulnerabilities > Microsoft > Windows 2000 > Critical

DATE CVE VULNERABILITY TITLE RISK
2007-03-30 CVE-2007-1765 Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7.
network
microsoft avaya
critical
9.3
2007-03-24 CVE-2007-1645 Remote Security vulnerability in TFTP Server 2000
Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a long request on UDP port 69.
network
low complexity
microsoft futuresoft
critical
10.0
2007-03-20 CVE-2007-1512 Denial-Of-Service vulnerability in Visual Studio .NET Professional Edition
Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 Gold and SP1, and Visual Studio .NET 2002 Gold and SP1, and 2003 Gold and SP1 allows user-assisted remote attackers to have an unknown impact (probably crash) via an RTF file with a malformed OLE object, which results in writing two 0x00 characters past the end of szBuffer, aka the "MFC42u.dll Off-by-Two Overflow." NOTE: this issue is due to an incomplete patch (MS07-012) for CVE-2007-0025.
network
low complexity
microsoft
critical
10.0
2007-02-21 CVE-2007-1070 Stack Buffer Overflow vulnerability in Trend Micro Serverprotect 5.58/5.61/5.62
Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.
network
low complexity
microsoft trend-micro
critical
10.0
2007-02-13 CVE-2006-1311 Remote Code Execution vulnerability in Microsoft Office And Microsoft Windows RichEdit Component
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.
network
microsoft
critical
9.3
2007-02-13 CVE-2007-0214 Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters.
network
microsoft
critical
9.3
2006-12-04 CVE-2006-6261 Remote Memory Corruption vulnerability in Quinnware Quintessential Player Playlist Files
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.
network
microsoft quinnware
critical
9.3
2006-11-14 CVE-2006-4691 Remote Code Execution vulnerability in Microsoft Windows 2000 and Windows XP
Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.
network
low complexity
microsoft
critical
10.0
2006-10-27 CVE-2006-5559 Improper Input Validation vulnerability in Microsoft Data Access Components 2.5/2.7/2.8
The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.
network
microsoft CWE-20
critical
9.3
2006-10-10 CVE-2006-4696 Code Injection vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Unspecified vulnerability in the Server service in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to execute arbitrary code via a crafted packet, aka "SMB Rename Vulnerability."
network
low complexity
microsoft CWE-94
critical
9.0