Windows 2000 Terminal Services CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2002-1325	1 Microsoft	8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more	2025-04-03	N/A
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."
CVE-2002-0720	1 Microsoft	2 Windows 2000, Windows 2000 Terminal Services	2025-04-03	N/A
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
CVE-2003-0496	1 Microsoft	2 Windows 2000, Windows 2000 Terminal Services	2025-04-03	N/A
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.
CVE-2005-1212	1 Microsoft	7 Windows 2000, Windows 2000 Terminal Services, Windows 2003 Server and 4 more	2025-04-03	N/A
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

« first previous Page 2 of 2.