Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-01-09 | CVE-2000-1089 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | 10.0 |
| 2000-12-31 | CVE-2000-1242 | Unspecified vulnerability in APC Powerchute The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access. | 9.0 |
| 2000-12-31 | CVE-2000-1241 | Unspecified vulnerability in Sips Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | 10.0 |
| 2000-12-31 | CVE-2000-1239 | Information Disclosure vulnerability in IBM Tivoli Management Framework 3.7.1 The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files. | 9.0 |
| 2000-12-19 | CVE-2000-0985 | Buffer Overflow vulnerability in Nevis Systems All-Mail 1.1 Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command. | 10.0 |
| 2000-12-19 | CVE-2000-0973 | Unspecified vulnerability in Daniel Stenberg Curl Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated. | 10.0 |
| 2000-12-19 | CVE-2000-0971 | Unspecified vulnerability in Avirt Mail Server 4.0/4.2 Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long "RCPT TO" or "MAIL FROM" command. | 10.0 |
| 2000-12-19 | CVE-2000-0969 | Unspecified vulnerability in Valve Software Half-Life Dedicated Server 3.1.3 Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon. | 10.0 |
| 2000-12-19 | CVE-2000-0968 | Unspecified vulnerability in Valve Software Half-Life Dedicated Server Buffer overflow in Half Life dedicated server before build 3104 allows remote attackers to execute arbitrary commands via a long rcon command. | 10.0 |
| 2000-12-19 | CVE-2000-0967 | Unspecified vulnerability in PHP 3.0/4.0 PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs. | 10.0 |