Filtered by vendor Microsoft Subscriptions
Filtered by product Windows Nt Subscriptions
Total 286 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-0391 5 Freebsd, Microsoft, Openbsd and 2 more 9 Freebsd, Windows 2000, Windows Nt and 6 more 2024-11-20 9.8 Critical
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
CVE-2002-0367 1 Microsoft 2 Windows 2000, Windows Nt 2024-11-20 7.8 High
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.
CVE-2002-0366 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2024-11-20 N/A
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
CVE-2002-0151 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2024-11-20 N/A
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
CVE-2002-0070 1 Microsoft 4 Windows 2000, Windows 98, Windows 98se and 1 more 2024-11-20 N/A
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
CVE-2002-0053 1 Microsoft 6 Windows 2000, Windows 95, Windows 98 and 3 more 2024-11-20 N/A
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.
CVE-2002-0018 1 Microsoft 2 Windows 2000, Windows Nt 2024-11-20 N/A
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.
CVE-2001-1452 1 Microsoft 2 Windows 2000, Windows Nt 2024-11-20 7.5 High
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.
CVE-2001-1288 1 Microsoft 2 Windows 2000, Windows Nt 2024-11-20 N/A
Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2024-11-20 N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-2001-1122 1 Microsoft 1 Windows Nt 2024-11-20 N/A
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.
CVE-2001-0879 1 Microsoft 4 Sql Server, Windows 2000, Windows Nt and 1 more 2024-11-20 N/A
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
CVE-2001-0663 1 Microsoft 2 Windows 2000, Windows Nt 2024-11-20 N/A
Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.
CVE-2001-0662 1 Microsoft 1 Windows Nt 2024-11-20 N/A
RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause a denial of service (loss of RPC services) via a malformed request.
CVE-2001-0543 1 Microsoft 3 Exchange Server, Windows 2000, Windows Nt 2024-11-20 N/A
Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
CVE-2001-0509 1 Microsoft 4 Exchange Server, Sql Server, Windows 2000 and 1 more 2024-11-20 N/A
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
CVE-2001-0373 1 Microsoft 2 Windows 2000, Windows Nt 2024-11-20 N/A
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.
CVE-2001-0341 1 Microsoft 3 Frontpage Server Extensions, Windows 2000, Windows Nt 2024-11-20 N/A
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
CVE-2001-0281 1 Microsoft 1 Windows Nt 2024-11-20 N/A
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
CVE-2001-0238 1 Microsoft 6 Windows 2000, Windows 95, Windows 98 and 3 more 2024-11-20 N/A
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.