CVEdetails.com the ultimate security vulnerability data source

Microsoft : Security Vulnerabilities Published In 2000

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2000-1227 DoS 2000-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.
2 CVE-2000-1218 2000-04-14 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
3 CVE-2000-1217 Bypass 2000-11-21 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
4 CVE-2000-1079 2000-08-29 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
5 CVE-2000-1061 Exec Code Bypass 2000-12-11 2008-09-05
5.1
None Remote High Not required Partial Partial Partial
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability.
6 CVE-2000-1034 Exec Code Overflow 2000-12-11 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
7 CVE-2000-1006 DoS 2000-12-11 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability.
8 CVE-2000-1003 DoS 2000-12-11 2008-09-05
2.6
None Remote High Not required None None Partial
NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash.
9 CVE-2000-0983 DoS 2000-12-19 2008-09-10
5.0
None Remote Low Not required None None Partial
Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service (CPU utilization) via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability.
10 CVE-2000-0982 2000-12-19 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.
11 CVE-2000-0980 2000-12-19 2008-09-05
5.0
None Remote Low Not required None None Partial
NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network.
12 CVE-2000-0979 Bypass 2000-12-19 2008-09-05
6.4
None Remote Low Not required Partial Partial None
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
13 CVE-2000-0970 2000-12-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability.
14 CVE-2000-0951 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
15 CVE-2000-0942 XSS 2000-12-19 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
16 CVE-2000-0933 +Priv 2000-12-19 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
17 CVE-2000-0929 DoS 2000-12-19 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.
18 CVE-2000-0886 Exec Code 2000-12-19 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
19 CVE-2000-0885 Exec Code Overflow 2000-12-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.
20 CVE-2000-0884 Exec Code 2000-12-19 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
IIS 4.0 and 5.0 allow remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
21 CVE-2000-0858 DoS 2000-11-14 2008-09-05
5.0
None Remote Low Not required None None Partial
Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability.
22 CVE-2000-0854 Exec Code 2000-11-14 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLLs such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.
23 CVE-2000-0851 Overflow +Priv 2000-11-14 2013-07-06
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
24 CVE-2000-0849 DoS 2000-11-14 2008-09-05
2.6
None Remote High Not required None None Partial
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
25 CVE-2000-0834 2000-11-14 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
26 CVE-2000-0830 DoS 2000-11-14 2008-09-05
5.0
None Remote Low Not required None None Partial
annclist.exe in webTV for Windows allows remote attackers to cause a denial of service via a large, malformed UDP packet to ports 22701 through 22705.
27 CVE-2000-0817 Exec Code Overflow 2000-12-19 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the HTTP protocol parser for Microsoft Network Monitor (Netmon) allows remote attackers to execute arbitrary commands via malformed data, aka the "Netmon Protocol Parsing" vulnerability.
28 CVE-2000-0790 2000-10-20 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder.
29 CVE-2000-0788 Exec Code 2000-10-20 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
30 CVE-2000-0778 2000-10-20 2013-08-03
5.0
None Remote Low Not required Partial None None
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
31 CVE-2000-0777 2000-10-20 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.
32 CVE-2000-0771 DoS 2000-10-20 2008-09-05
2.1
None Local Low Not required None None Partial
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
33 CVE-2000-0770 Bypass 2000-10-20 2008-09-05
6.4
None Remote Low Not required Partial Partial None
IIS 4.0 and 5.0 do not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.
34 CVE-2000-0768 2000-10-20 2008-09-05
2.6
None Remote High Not required Partial None None
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
35 CVE-2000-0767 2000-10-20 2008-09-05
2.6
None Remote High Not required Partial None None
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
36 CVE-2000-0765 Exec Code Overflow 2000-10-20 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.
37 CVE-2000-0756 DoS 2000-10-20 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service.
38 CVE-2000-0753 2000-10-20 2008-09-10
5.0
None Remote Low Not required None Partial None
The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files.
39 CVE-2000-0746 XSS 2000-10-20 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.
40 CVE-2000-0742 DoS 2000-10-20 2008-09-05
5.0
None Remote Low Not required None None Partial
The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability.
41 CVE-2000-0737 +Priv 2000-10-20 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
42 CVE-2000-0711 2000-10-20 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
43 CVE-2000-0710 2000-10-20 2008-09-05
5.0
None Remote Low Not required Partial None None
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
44 CVE-2000-0709 DoS 2000-10-20 2008-09-05
5.0
None Remote Low Not required None None Partial
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
45 CVE-2000-0673 DoS 2000-07-27 2008-09-05
5.0
None Remote Low Not required None None Partial
The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.
46 CVE-2000-0663 Exec Code 2000-07-25 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability.
47 CVE-2000-0662 2000-07-14 2008-09-10
5.0
None Remote Low Not required Partial None None
Internet Explorer 5.x and Microsoft Outlook allow remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED).
48 CVE-2000-0654 2000-07-11 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability.
49 CVE-2000-0653 2000-07-20 2008-09-10
5.0
None Remote Low Not required Partial None None
Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability.
50 CVE-2000-0649 200 +Info 2000-07-13 2008-09-10
2.6
None Remote High Not required Partial None None
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Total number of vulnerabilities: 143 (this is page 1 of 3)