CVEdetails.com the ultimate security vulnerability data source

Log In Register

Take a third party risk management course for FREE

Vulnerability Feeds & Widgets^New www.itsecdb.com

Switch to https:// Home Browse :
Vendors Products Vulnerabilities By Date Vulnerabilities By Type Reports :
CVSS Score Report CVSS Score Distribution Search :
Vendor Search Product Search Version Search Vulnerability Search By Microsoft References Top 50 :
Vendors Vendor Cvss Scores Products Product Cvss Scores Versions Other :
Microsoft Bulletins Bugtraq Entries CWE Definitions About & Contact Feedback CVE Help FAQ Articles External Links :
NVD Website CWE Web Site

Microsoft : Security Vulnerabilities Published In 2000 (Bypass)

2000 : January February March April May June July August September October November December

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2000-1217			Bypass	2000-11-21	2019-04-30	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
2	CVE-2000-1061			Exec Code Bypass	2000-12-11	2018-10-12	5.1	None	Remote	High	Not required	Partial	Partial	Partial
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability.
3	CVE-2000-0979			Bypass	2000-12-19	2018-10-12	6.4	None	Remote	Low	Not required	Partial	Partial	None
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
4	CVE-2000-0770			Bypass	2000-10-20	2018-10-30	6.4	None	Remote	Low	Not required	Partial	Partial	None
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.
5	CVE-2000-0621			Bypass	2000-07-20	2018-10-12	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allow remote attackers to read files on the client's system via a malformed HTML message that stores files outside of the cache, aka the "Cache Bypass" vulnerability.
6	CVE-2000-0603			Bypass	2000-07-07	2018-10-12	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referencing them via a temporary stored procedure, aka the "Stored Procedure Permissions" vulnerability.
7	CVE-2000-0416			Bypass	2000-05-11	2008-09-10	5.0	None	Remote	Low	Not required	None	Partial	None
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.
8	CVE-2000-0266			Bypass	2000-04-18	2021-07-23	2.6	None	Remote	High	Not required	Partial	None	None
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL.

Total number of vulnerabilities : 8 Page : 1 (This Page)

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.