Windows 2000 Terminal Services CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2002-1260	1 Microsoft	8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more	2025-04-03	N/A
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.
CVE-2002-0720	1 Microsoft	2 Windows 2000, Windows 2000 Terminal Services	2025-04-03	N/A
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
CVE-2003-0496	1 Microsoft	2 Windows 2000, Windows 2000 Terminal Services	2025-04-03	N/A
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.
CVE-2005-1212	1 Microsoft	7 Windows 2000, Windows 2000 Terminal Services, Windows 2003 Server and 4 more	2025-04-03	N/A
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

« first previous Page 2 of 2.