Vulnerabilities > Microsoft > Windows 2000 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-14 | CVE-2005-1206 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability." | 7.5 |
| 2005-06-13 | CVE-2005-1935 | Remote Security vulnerability in Windows NT Terminal Server Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. | 7.5 |
| 2005-05-02 | CVE-2005-0545 | Unspecified vulnerability in Microsoft Windows 2000 and Windows XP Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. | 7.2 |
| 2005-05-02 | CVE-2005-0063 | Remote Code Execution vulnerability in Microsoft Windows Shell The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. | 7.5 |
| 2005-05-02 | CVE-2005-0061 | Unspecified vulnerability in Microsoft products The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests. | 7.2 |
| 2005-05-02 | CVE-2005-0060 | Unspecified vulnerability in Microsoft products Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application. | 7.2 |
| 2005-05-02 | CVE-2005-0057 | Buffer Overflow vulnerability in Microsoft Windows Hyperlink Object Library The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow. | 7.5 |
| 2005-05-02 | CVE-2005-0053 | Unspecified vulnerability in Microsoft products Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." | 7.5 |
| 2005-05-02 | CVE-2005-0048 | Unspecified vulnerability in Microsoft Windows 2000 and Windows XP Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability." | 7.5 |
| 2005-05-02 | CVE-2005-0047 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability." | 7.2 |