Vulnerabilities > Microsoft > Windows 98Se

DATE CVE VULNERABILITY TITLE RISK
2004-07-27 CVE-2003-1048 Double Free vulnerability in Microsoft products
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
local
low complexity
microsoft CWE-415
7.8
2000-04-14 CVE-2000-1218 Origin Validation Error vulnerability in Microsoft products
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
network
low complexity
microsoft CWE-346
critical
9.8