Security Vulnerabilities, CVEs, Published In May 2000 CVSS score >= 4
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter.
Max CVSS
5.0
EPSS Score
0.21%
Published
2000-05-29
Updated
2008-09-10
The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.
Max CVSS
10.0
EPSS Score
0.75%
Published
2000-05-23
Updated
2017-10-10
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-05-31
Updated
2017-10-10
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
Max CVSS
5.0
EPSS Score
0.41%
Published
2000-05-26
Updated
2017-10-10
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
Max CVSS
5.0
EPSS Score
0.39%
Published
2000-05-31
Updated
2021-06-06
Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability.
Max CVSS
5.0
EPSS Score
24.10%
Published
2000-05-30
Updated
2018-10-12
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
Max CVSS
10.0
EPSS Score
7.14%
Published
2000-05-24
Updated
2008-09-10
Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands via a long RCPT TO mail command.
Max CVSS
10.0
EPSS Score
0.42%
Published
2000-05-30
Updated
2017-10-10
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
Max CVSS
5.0
EPSS Score
0.73%
Published
2000-05-30
Updated
2017-10-10
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
Max CVSS
5.1
EPSS Score
63.25%
Published
2000-05-17
Updated
2021-07-23
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability.
Max CVSS
7.6
EPSS Score
0.32%
Published
2000-05-17
Updated
2021-07-23
BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets.
Max CVSS
5.0
EPSS Score
0.94%
Published
2000-05-18
Updated
2008-09-10
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-05-27
Updated
2008-09-10
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
Max CVSS
7.5
EPSS Score
40.85%
Published
2000-05-11
Updated
2018-10-30
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-05-29
Updated
2008-09-10
XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000.
Max CVSS
5.0
EPSS Score
0.67%
Published
2000-05-18
Updated
2008-09-10
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.
Max CVSS
5.0
EPSS Score
1.18%
Published
2000-05-18
Updated
2008-09-10
The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets.
Max CVSS
5.0
EPSS Score
0.94%
Published
2000-05-19
Updated
2008-09-10
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
1.75%
Published
2000-05-18
Updated
2008-09-10
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields.
Max CVSS
10.0
EPSS Score
1.03%
Published
2000-05-01
Updated
2008-09-10
The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command.
Max CVSS
5.0
EPSS Score
0.54%
Published
2000-05-01
Updated
2008-09-10
Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service.
Max CVSS
7.5
EPSS Score
0.68%
Published
2000-05-01
Updated
2008-09-10
Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string.
Max CVSS
7.5
EPSS Score
1.34%
Published
2000-05-24
Updated
2008-09-10
HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
Max CVSS
5.0
EPSS Score
1.32%
Published
2000-05-24
Updated
2008-09-10
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Max CVSS
7.5
EPSS Score
7.84%
Published
2000-05-24
Updated
2008-09-10