The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensitive kernel-address information via a crafted application, aka "Win32k Information Disclosure Vulnerability."
Max CVSS
2.8
EPSS Score
83.59%
Published
2016-07-13
Updated
2018-10-12
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which allows local users to obtain sensitive information from an arbitrary process via a crafted application, aka "Windows Kernel Information Disclosure Vulnerability."
Max CVSS
2.8
EPSS Score
0.10%
Published
2016-07-13
Updated
2018-10-12
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
Max CVSS
2.6
EPSS Score
21.53%
Published
1997-07-08
Updated
2021-07-22
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
Max CVSS
2.6
EPSS Score
0.23%
Published
1999-04-09
Updated
2021-07-22
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
Max CVSS
2.6
EPSS Score
1.73%
Published
1999-05-01
Updated
2021-07-22
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
Max CVSS
2.6
EPSS Score
0.58%
Published
1999-05-07
Updated
2018-10-12
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
Max CVSS
2.6
EPSS Score
0.10%
Published
1999-08-16
Updated
2018-10-12
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
Max CVSS
2.6
EPSS Score
1.73%
Published
1999-11-17
Updated
2021-07-22
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
Max CVSS
2.6
EPSS Score
0.23%
Published
1999-11-01
Updated
2022-08-17
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
Max CVSS
2.6
EPSS Score
0.14%
Published
1999-08-11
Updated
2018-10-12
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
Max CVSS
2.6
EPSS Score
2.63%
Published
1998-12-01
Updated
2021-07-22
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
Max CVSS
2.6
EPSS Score
3.15%
Published
1998-10-01
Updated
2021-07-22
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
Max CVSS
2.6
EPSS Score
0.54%
Published
1998-09-04
Updated
2021-07-22
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
Max CVSS
2.6
EPSS Score
0.48%
Published
1999-02-02
Updated
2021-07-22
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
Max CVSS
2.6
EPSS Score
1.48%
Published
1999-12-23
Updated
2022-08-17
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
Max CVSS
2.6
EPSS Score
0.43%
Published
2000-01-31
Updated
2008-09-10
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL.
Max CVSS
2.6
EPSS Score
1.09%
Published
2000-04-18
Updated
2021-07-23
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.
Max CVSS
2.6
EPSS Score
0.30%
Published
2000-05-11
Updated
2021-07-22
The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.
Max CVSS
2.6
EPSS Score
0.23%
Published
2000-06-06
Updated
2021-07-23
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.
Max CVSS
2.6
EPSS Score
0.19%
Published
2000-06-05
Updated
2021-07-22
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
Max CVSS
2.6
EPSS Score
0.19%
Published
2000-06-05
Updated
2021-07-22

CVE-2000-0649

Public exploit
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Max CVSS
2.6
EPSS Score
0.36%
Published
2000-07-13
Updated
2020-11-23
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
Max CVSS
2.6
EPSS Score
0.09%
Published
2000-10-20
Updated
2021-07-23
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
Max CVSS
2.6
EPSS Score
0.23%
Published
2000-10-20
Updated
2021-07-23
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
Max CVSS
2.6
EPSS Score
0.61%
Published
2000-11-14
Updated
2018-10-12
168 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!