Vulnerabilities > Microsoft > Windows 2000 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2328 | Improper Input Validation vulnerability in Microsoft Windows 2000 Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request. | 7.1 |
| 2002-12-31 | CVE-2002-1749 | Unspecified vulnerability in Microsoft Windows 2000 Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges. | 7.2 |
| 2002-12-23 | CVE-2002-1260 | Unspecified vulnerability in Microsoft products The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet. | 7.5 |
| 2002-10-28 | CVE-2002-1214 | Buffer Overflow vulnerability in Microsoft products Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. | 7.5 |
| 2002-10-10 | CVE-2002-0694 | Unspecified vulnerability in Microsoft products The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | 7.5 |
| 2002-10-10 | CVE-2002-0693 | Buffer Overflow vulnerability in Microsoft Windows Help Facility ActiveX Control Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. | 7.5 |
| 2002-10-10 | CVE-2002-0692 | Buffer Overflow vulnerability in Microsoft products Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request. | 7.5 |
| 2002-09-24 | CVE-2002-0724 | Unspecified vulnerability in Microsoft Windows 2000, Windows NT and Windows XP Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". | 7.5 |
| 2002-09-05 | CVE-2002-0720 | Unspecified vulnerability in Microsoft Windows 2000 and Windows 2000 Terminal Services A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. | 7.2 |
| 2002-07-03 | CVE-2002-0366 | Remote Access Service Buffer Overflow vulnerability in Microsoft Windows 2000, Windows NT and Windows XP Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry. | 7.2 |