Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2736 | 9 Achievo, Apple, Hp and 6 more | 18 Achievo, A Ux, Mac Os X and 15 more | 2017-10-10 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | |||||
| CVE-2007-2884 | 1 Microsoft | 1 Visual Basic | 2017-10-10 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field. | |||||
| CVE-2007-3282 | 1 Microsoft | 2 Office, Office Msodatasourcecontrol Activex | 2017-10-10 | 7.8 HIGH | N/A |
| Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method. | |||||
| CVE-2006-7210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-10-10 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block. | |||||
| CVE-2007-1347 | 1 Microsoft | 3 Windows 2000, Windows Explorer, Windows Xp | 2017-10-10 | 7.1 HIGH | N/A |
| Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll. | |||||
| CVE-2007-1382 | 2 Microsoft, Php | 2 All Windows, Com Extensions | 2017-10-10 | 6.8 MEDIUM | N/A |
| The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode. | |||||
| CVE-2007-1644 | 1 Microsoft | 1 All Windows | 2017-10-10 | 10.0 HIGH | N/A |
| The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution). | |||||
| CVE-2007-1645 | 2 Futuresoft, Microsoft | 2 Tftp Server 2000, Windows 2000 | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a long request on UDP port 69. NOTE: this issue might overlap CVE-2006-4781 or CVE-2005-1812. | |||||
| CVE-2001-0628 | 1 Microsoft | 1 Word | 2017-10-09 | 7.2 HIGH | N/A |
| Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user. | |||||
| CVE-2001-0860 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-10-09 | 7.5 HIGH | N/A |
| Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT). | |||||
| CVE-2001-0909 | 1 Microsoft | 1 Windows Xp | 2017-10-09 | 7.5 HIGH | N/A |
| Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL. | |||||
| CVE-2001-0951 | 1 Microsoft | 1 Windows 2000 | 2017-10-09 | 5.0 MEDIUM | N/A |
| Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters. | |||||
| CVE-2001-1055 | 1 Microsoft | 2 Windows 98, Windows 98se | 2017-10-09 | 5.0 MEDIUM | N/A |
| The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. | |||||
| CVE-2001-1088 | 1 Microsoft | 2 Outlook, Outlook Express | 2017-10-09 | 7.5 HIGH | N/A |
| Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user. | |||||
| CVE-2000-0298 | 1 Microsoft | 1 Windows 2000 | 2017-10-09 | 7.2 HIGH | N/A |
| The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories. | |||||
| CVE-1999-0077 | 1 Microsoft | 1 Windows Nt | 2017-10-09 | 5.0 MEDIUM | N/A |
| Predictable TCP sequence numbers allow spoofing. | |||||
| CVE-1999-0681 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2017-10-09 | 5.0 MEDIUM | N/A |
| Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2017-10-09 | 5.0 MEDIUM | N/A |
| Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | |||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2017-10-09 | 2.1 LOW | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | |||||
| CVE-2000-0753 | 1 Microsoft | 1 Outlook | 2017-10-09 | 5.0 MEDIUM | N/A |
| The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files. | |||||