Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0216 | 1 Microsoft | 3 Exchange Server, Outlook, Windows Messaging | 2008-09-10 | 5.0 MEDIUM | N/A |
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | |||||
CVE-2000-0105 | 1 Microsoft | 1 Outlook Express | 2008-09-10 | 5.0 MEDIUM | N/A |
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | |||||
CVE-2000-0155 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2008-09-09 | 7.2 HIGH | N/A |
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. | |||||
CVE-1999-0975 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2008-09-09 | 4.6 MEDIUM | N/A |
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | |||||
CVE-1999-0989 | 1 Microsoft | 1 Ie | 2008-09-09 | 7.5 HIGH | N/A |
Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. | |||||
CVE-1999-0824 | 1 Microsoft | 1 Windows Nt | 2008-09-09 | 4.6 MEDIUM | N/A |
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. | |||||
CVE-1999-0750 | 1 Microsoft | 1 Hotmail | 2008-09-09 | 5.1 MEDIUM | N/A |
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | |||||
CVE-1999-0225 | 1 Microsoft | 1 Windows Nt | 2008-09-09 | 5.0 MEDIUM | N/A |
Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. | |||||
CVE-1999-0256 | 2 Jgaa, Microsoft | 3 Warftpd, Windows 95, Windows Nt | 2008-09-09 | 7.5 HIGH | N/A |
Buffer overflow in War FTP allows remote execution of commands. | |||||
CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2008-09-09 | 7.8 HIGH | N/A |
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | |||||
CVE-1999-0191 | 1 Microsoft | 1 Internet Information Server | 2008-09-09 | 6.4 MEDIUM | N/A |
IIS newdsn.exe CGI script allows remote users to overwrite files. | |||||
CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2008-09-09 | 5.0 MEDIUM | N/A |
Land IP denial of service. | |||||
CVE-1999-0153 | 2 Microsoft, Sco | 4 Windows 2000, Windows 95, Windows Nt and 1 more | 2008-09-09 | 5.0 MEDIUM | N/A |
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | |||||
CVE-2008-1200 | 1 Microsoft | 2 Access, Jet | 2008-09-05 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). NOTE: this is probably a different issue than CVE-2007-6026. | |||||
CVE-2007-6043 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 7.1 HIGH | N/A |
The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898. | |||||
CVE-2006-6659 | 1 Microsoft | 3 Ie, Outlook, Windows Xp | 2008-09-05 | 5.0 MEDIUM | N/A |
The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML. | |||||
CVE-2006-4888 | 1 Microsoft | 1 Ie | 2008-09-05 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT. | |||||
CVE-2006-0935 | 1 Microsoft | 1 Word | 2008-09-05 | 2.6 LOW | N/A |
Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz. | |||||
CVE-2006-0544 | 1 Microsoft | 1 Ie | 2008-09-05 | 7.5 HIGH | N/A |
urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters. | |||||
CVE-2005-4679 | 1 Microsoft | 1 Ie | 2008-09-05 | 5.0 MEDIUM | N/A |
Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. |