NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
Max CVSS
3.6
EPSS Score
0.07%
Published
2002-12-31
Updated
2019-04-30
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.
Max CVSS
7.1
EPSS Score
76.31%
Published
2002-12-31
Updated
2019-04-30
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
Max CVSS
2.1
EPSS Score
0.06%
Published
2002-12-31
Updated
2017-11-21
The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.
Max CVSS
5.0
EPSS Score
0.24%
Published
2002-12-31
Updated
2019-04-30
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.
Max CVSS
2.1
EPSS Score
0.08%
Published
2002-12-31
Updated
2019-04-30
Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.
Max CVSS
7.5
EPSS Score
1.90%
Published
2002-12-31
Updated
2019-04-30
Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.
Max CVSS
7.2
EPSS Score
0.05%
Published
2002-12-31
Updated
2019-04-30
Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.
Max CVSS
5.0
EPSS Score
9.48%
Published
2002-12-31
Updated
2019-04-30
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
Max CVSS
4.3
EPSS Score
1.15%
Published
2002-12-31
Updated
2018-10-30
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."
Max CVSS
5.0
EPSS Score
1.11%
Published
2002-12-23
Updated
2019-04-30
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.
Max CVSS
7.5
EPSS Score
1.86%
Published
2002-12-23
Updated
2019-04-30
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.
Max CVSS
5.0
EPSS Score
16.20%
Published
2002-12-23
Updated
2019-04-30
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.
Max CVSS
10.0
EPSS Score
2.28%
Published
2002-12-23
Updated
2019-04-30
The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller.
Max CVSS
5.0
EPSS Score
0.72%
Published
2002-12-23
Updated
2019-04-30
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-11-04
Updated
2019-04-30

CVE-2002-1214

Public exploit
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data.
Max CVSS
7.5
EPSS Score
96.77%
Published
2002-10-28
Updated
2019-04-30
The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.
Max CVSS
4.6
EPSS Score
0.05%
Published
2002-11-12
Updated
2019-04-30
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop."
Max CVSS
5.0
EPSS Score
5.52%
Published
2002-10-11
Updated
2019-04-30
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."
Max CVSS
5.0
EPSS Score
2.27%
Published
2002-10-11
Updated
2019-04-30
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
Max CVSS
6.8
EPSS Score
14.97%
Published
2002-10-04
Updated
2024-02-09
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.
Max CVSS
7.5
EPSS Score
18.32%
Published
2002-08-12
Updated
2019-04-30
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.
Max CVSS
5.5
EPSS Score
1.03%
Published
2002-09-05
Updated
2024-02-21
Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".
Max CVSS
7.5
EPSS Score
14.24%
Published
2002-09-24
Updated
2019-04-30
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-09-05
Updated
2019-04-30
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.
Max CVSS
5.0
EPSS Score
1.25%
Published
2002-10-04
Updated
2018-10-12
43 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!