Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-06-08 | CVE-2000-0502 | Unspecified vulnerability in Mcafee Virusscan 4.0.3 Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. | 2.1 |
| 2000-06-06 | CVE-2000-0503 | Unspecified vulnerability in Microsoft Internet Explorer The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. | 2.6 |
| 2000-06-05 | CVE-2000-0519 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. | 2.6 |
| 2000-06-05 | CVE-2000-0518 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. | 2.6 |
| 2000-06-01 | CVE-2000-0487 | Unspecified vulnerability in Microsoft Windows 2000 The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability. | 3.6 |
| 2000-05-30 | CVE-2000-0485 | Unspecified vulnerability in Microsoft SQL Server 6.5/7.0 Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability. | 2.1 |
| 2000-05-30 | CVE-2000-0402 | Unspecified vulnerability in Microsoft SQL Server 7.0 The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. | 2.1 |
| 2000-05-29 | CVE-2000-0461 | The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. | 2.1 |
| 2000-05-29 | CVE-2000-0455 | Unspecified vulnerability in David Bagley Xlock 4.16 Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | 2.1 |
| 2000-05-28 | CVE-2000-0462 | Unspecified vulnerability in Netbsd 1.4.2 ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | 2.1 |