Vulnerabilities > Microsoft > Windows 2000 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-14 | CVE-2007-3898 | Configuration vulnerability in Microsoft products The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors. | 6.4 |
| 2007-09-12 | CVE-2007-3036 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files." | 6.9 |
| 2007-07-10 | CVE-2007-3028 | Remote Denial Of Service vulnerability in Microsoft Windows Active Directory LDAP Request Validation The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request, related to "client sent LDAP request logic," aka "Windows Active Directory Denial of Service Vulnerability". | 5.0 |
| 2007-06-27 | CVE-2006-7210 | Denial of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block. | 5.0 |
| 2007-05-16 | CVE-2007-1898 | Unspecified vulnerability in Jetbox CMS 2.1 formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. | 5.8 |
| 2007-04-24 | CVE-2007-2186 | Denial of Service vulnerability in Foxit PDF Reader 2.0 Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | 5.0 |
| 2007-04-10 | CVE-2007-1912 | Heap Overflow vulnerability in Microsoft Windows Help File Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file. network microsoft | 6.8 |
| 2007-04-04 | CVE-2007-1212 | Privilege Escalation vulnerability in Microsoft Windows Graphics Rendering Engine EMF File Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file. local microsoft | 6.6 |
| 2007-03-28 | CVE-2007-1727 | Remote Unauthorized Access vulnerability in HP OpenView Network Node Manager Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. | 6.5 |
| 2007-02-23 | CVE-2006-7039 | Remote Denial Of Service vulnerability in Atrium Software Mercur Messaging 2005 5.0Sp3 The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field. | 5.0 |