Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1492 | 1 Microsoft | 1 Windows Xp | 2008-11-12 | 7.1 HIGH | N/A |
| winmm.dll in Microsoft Windows XP allows user-assisted remote attackers to cause a denial of service (infinite loop) via a large cch argument value to the mmioRead function, as demonstrated by a crafted WAV file. | |||||
| CVE-2008-4927 | 1 Microsoft | 1 Windows Media Player | 2008-11-04 | 4.3 MEDIUM | N/A |
| Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assisted attackers to cause a denial of service (application crash) via a malformed (1) MIDI or (2) DAT file, related to "MThd Header Parsing." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2002-0228 | 1 Microsoft | 1 Msn Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites). | |||||
| CVE-2005-1793 | 1 Microsoft | 1 Windows 98se | 2008-09-10 | 2.6 LOW | N/A |
| User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service (crash) via an icon (.ico) bitmap file with large width and height values. | |||||
| CVE-2002-0977 | 1 Microsoft | 1 File Transfer Manager | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value. | |||||
| CVE-2002-0978 | 1 Microsoft | 1 File Transfer Manager | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function. | |||||
| CVE-2001-1552 | 1 Microsoft | 1 Windows Me | 2008-09-10 | 5.0 MEDIUM | N/A |
| ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced. | |||||
| CVE-2001-1218 | 1 Microsoft | 1 Ie | 2008-09-10 | 2.1 LOW | N/A |
| Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | |||||
| CVE-2000-0544 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length. | |||||
| CVE-2000-0580 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization. | |||||
| CVE-2000-0581 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash. | |||||
| CVE-2000-0612 | 1 Microsoft | 2 Windows 95, Windows 98 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table. | |||||
| CVE-2000-0416 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | |||||
| CVE-2000-0420 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 7.2 HIGH | N/A |
| The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data. | |||||
| CVE-2000-0132 | 1 Microsoft | 1 Virtual Machine | 2008-09-10 | 2.6 LOW | N/A |
| Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||
| CVE-2000-0167 | 1 Microsoft | 1 Internet Information Server | 2008-09-10 | 2.1 LOW | N/A |
| IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. | |||||
| CVE-2000-0168 | 1 Microsoft | 3 Windows 95, Windows 98, Windows 98se | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. | |||||
| CVE-2000-0197 | 1 Microsoft | 1 Windows Nt | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | |||||
| CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2008-09-10 | 7.2 HIGH | N/A |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||||