Microsoft : Security Vulnerabilities, CVEs, Published In 2001 (Code Execution) CVSS score >= 3
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
6.82%
Published
2001-12-31
Updated
2008-09-05
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.
Max CVSS
7.5
EPSS Score
8.69%
Published
2001-11-21
Updated
2017-10-10
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
Max CVSS
7.5
EPSS Score
96.84%
Published
2001-12-20
Updated
2018-10-12
Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability."
Max CVSS
7.5
EPSS Score
96.33%
Published
2001-12-14
Updated
2021-07-23
Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.
Max CVSS
7.5
EPSS Score
11.28%
Published
2001-12-06
Updated
2018-10-12
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.
Max CVSS
7.5
EPSS Score
17.34%
Published
2001-12-20
Updated
2018-10-12
6 vulnerabilities found