Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0637 | 1 Microsoft | 1 Excel | 2018-10-12 | 4.6 MEDIUM | N/A |
| Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability. | |||||
| CVE-2000-0653 | 1 Microsoft | 1 Outlook Express | 2018-10-12 | 5.0 MEDIUM | N/A |
| Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability. | |||||
| CVE-1999-0382 | 1 Microsoft | 1 Windows Nt | 2018-10-12 | 7.2 HIGH | N/A |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. | |||||
| CVE-2000-0654 | 1 Microsoft | 1 Sql Server | 2018-10-12 | 4.6 MEDIUM | N/A |
| Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability. | |||||
| CVE-2000-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 4.6 MEDIUM | N/A |
| The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability. | |||||
| CVE-1999-0717 | 1 Microsoft | 5 Excel, Windows 2000, Windows 95 and 2 more | 2018-10-12 | 2.6 LOW | N/A |
| A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | |||||
| CVE-2000-0673 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 5.0 MEDIUM | N/A |
| The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability. | |||||
| CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2018-10-12 | 2.1 LOW | N/A |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | |||||
| CVE-2000-0737 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 4.6 MEDIUM | N/A |
| The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability. | |||||
| CVE-2000-0742 | 1 Microsoft | 2 Windows 95, Windows 98 | 2018-10-12 | 5.0 MEDIUM | N/A |
| The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability. | |||||
| CVE-1999-0721 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 7.8 HIGH | N/A |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. | |||||
| CVE-1999-1127 | 1 Microsoft | 1 Windows Nt | 2018-10-12 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. | |||||
| CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | |||||
| CVE-1999-1148 | 1 Microsoft | 1 Internet Information Server | 2018-10-12 | 5.0 MEDIUM | N/A |
| FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. | |||||
| CVE-2000-0765 | 1 Microsoft | 3 Excel, Powerpoint, Word | 2018-10-12 | 5.1 MEDIUM | N/A |
| Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability. | |||||
| CVE-1999-0723 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2018-10-12 | 7.1 HIGH | N/A |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. | |||||
| CVE-2000-0771 | 1 Microsoft | 1 Windows 2000 | 2018-10-12 | 2.1 LOW | N/A |
| Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. | |||||
| CVE-2000-0777 | 1 Microsoft | 1 Money | 2018-10-12 | 7.2 HIGH | N/A |
| The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability. | |||||
| CVE-1999-0725 | 1 Microsoft | 1 Internet Information Server | 2018-10-12 | 7.1 HIGH | N/A |
| When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". | |||||
| CVE-2000-0788 | 1 Microsoft | 2 Access, Word | 2018-10-12 | 10.0 HIGH | N/A |
| The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. | |||||