Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Xp
Subscriptions
Total
1352 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-1218 | 1 Microsoft | 5 Windows 2000, Windows 98, Windows 98se and 2 more | 2024-08-08 | 9.8 Critical |
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. | ||||
CVE-2001-1200 | 1 Microsoft | 1 Windows Xp | 2024-08-08 | N/A |
Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys. | ||||
CVE-2001-0909 | 1 Microsoft | 1 Windows Xp | 2024-08-08 | N/A |
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL. | ||||
CVE-2001-0877 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2024-08-08 | N/A |
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system. | ||||
CVE-2001-0879 | 1 Microsoft | 4 Sql Server, Windows 2000, Windows Nt and 1 more | 2024-08-08 | N/A |
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. | ||||
CVE-2001-0876 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2024-08-08 | N/A |
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. | ||||
CVE-2001-0860 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-08-08 | N/A |
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT). | ||||
CVE-2001-0721 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2024-08-08 | N/A |
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | ||||
CVE-2002-2283 | 1 Microsoft | 1 Windows Xp | 2024-08-08 | N/A |
Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privilege when the user is removed from the administrator group, which allows that user to view processes of other users. | ||||
CVE-2002-2185 | 6 Debian, Mandrakesoft, Microsoft and 3 more | 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more | 2024-08-08 | N/A |
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | ||||
CVE-2002-2105 | 1 Microsoft | 1 Windows Xp | 2024-08-08 | N/A |
Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | ||||
CVE-2002-1670 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2024-08-08 | N/A |
Microsoft Windows XP Professional upgrade edition overwrites previously installed patches for Internet Explorer 6.0, leaving Internet Explorer unpatched. | ||||
CVE-2002-1561 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2024-08-08 | N/A |
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | ||||
CVE-2002-1327 | 1 Microsoft | 1 Windows Xp | 2024-08-08 | N/A |
Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise." | ||||
CVE-2002-1258 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-08-08 | N/A |
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | ||||
CVE-2002-1325 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-08-08 | N/A |
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | ||||
CVE-2002-1260 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-08-08 | N/A |
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet. | ||||
CVE-2002-1257 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-08-08 | N/A |
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. | ||||
CVE-2002-1256 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2024-08-08 | N/A |
The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller. | ||||
CVE-2002-1214 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2024-08-08 | N/A |
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. |