Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 2000
Total 632 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-1089 1 Microsoft 2 Windows 2000, Windows Nt 2018-10-12 10.0 HIGH N/A
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.
CVE-1999-0717 1 Microsoft 5 Excel, Windows 2000, Windows 95 and 2 more 2018-10-12 2.6 LOW N/A
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVE-1999-0716 1 Microsoft 2 Windows 2000, Windows Nt 2018-10-12 4.6 MEDIUM N/A
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
CVE-1999-0715 1 Microsoft 2 Windows 2000, Windows Nt 2018-10-12 4.6 MEDIUM N/A
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
CVE-1999-0700 1 Microsoft 2 Windows 2000, Windows Nt 2018-10-12 6.2 MEDIUM N/A
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
CVE-2008-3842 1 Microsoft 5 .net Framework, Windows-nt, Windows 2000 and 2 more 2018-10-11 4.3 MEDIUM N/A
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "</" (less-than slash) sequence.
CVE-2008-3365 2 Microsoft, Pixelpost 7 Windows, Windows-nt, Windows 2000 and 4 more 2018-10-11 6.8 MEDIUM N/A
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
CVE-2008-1471 2 Microsoft, Panda 6 Windows-nt, Windows 2000, Windows Vista and 3 more 2018-10-11 7.2 HIGH N/A
The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.
CVE-2010-0705 2 Avast, Microsoft 4 Avast Antivirus Home, Avast Antivirus Professional, Windows 2000 and 1 more 2018-10-10 7.2 HIGH N/A
Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
CVE-2009-4309 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Media Player and 1 more 2018-10-10 9.3 HIGH N/A
Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.
CVE-2009-4310 2 Microsoft, Windows 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more 2018-10-10 9.3 HIGH N/A
Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file.
CVE-2009-4210 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2018-10-10 9.3 HIGH N/A
The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content.
CVE-2000-1079 1 Microsoft 4 Windows 2000, Windows 95, Windows 98 and 1 more 2017-12-18 7.5 HIGH N/A
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
CVE-2001-0261 1 Microsoft 1 Windows 2000 2017-12-18 2.1 LOW N/A
Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.
CVE-2006-5988 1 Microsoft 1 Windows 2000 2017-11-22 5.0 MEDIUM N/A
Unspecified vulnerability in Windows 2000 Advanced Server SP4 running Active Directory allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain VulnDisco Pack module. NOTE: the provenance of this information is unknown; the details are obtained from third party information. As of 20061116, this disclosure has no actionable information. However, since the VulnDisco Pack author is a reliable researcher, the disclosure is being assigned a CVE identifier for tracking purposes.
CVE-2002-2132 1 Microsoft 2 Windows 2000, Windows Xp 2017-11-21 2.1 LOW N/A
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
CVE-2006-6261 2 Microsoft, Quinnware 7 Windows 2000, Windows 95, Windows 98 and 4 more 2017-10-18 9.3 HIGH N/A
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.
CVE-1999-0562 1 Microsoft 2 Windows 2000, Windows Nt 2017-10-18 7.5 HIGH N/A
The registry in Windows NT can be accessed remotely by users who are not administrators.
CVE-2006-6723 1 Microsoft 2 Windows 2000, Windows Xp 2017-10-18 7.8 HIGH N/A
The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to cause a denial of service (memory consumption) via a large maxlen value in an NetrWkstaUserEnum RPC request.
CVE-2007-2736 9 Achievo, Apple, Hp and 6 more 18 Achievo, A Ux, Mac Os X and 15 more 2017-10-10 10.0 HIGH N/A
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.