Microsoft

Windows 2000

516 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 19.26%
  • Veröffentlicht 11.07.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:14:21

Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eve...

  • EPSS 70.14%
  • Veröffentlicht 14.06.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:38

Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."

  • EPSS 47.15%
  • Veröffentlicht 14.06.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:39

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer ov...

  • EPSS 24.8%
  • Veröffentlicht 14.06.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:39

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

  • EPSS 12.77%
  • Veröffentlicht 14.06.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:39

Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

Exploit
  • EPSS 26.63%
  • Veröffentlicht 13.06.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:56

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the fun...

Exploit
  • EPSS 83.28%
  • Veröffentlicht 31.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:57

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes ...

  • EPSS 33.21%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:23

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validat...

  • EPSS 73.09%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:23

The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) ...

  • EPSS 5.13%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:24

Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."