Microsoft

Windows 2000

517 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2004-0202

  • EPSS 35.37%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.

7.8

CVE-2004-0210

Warnung
  • EPSS 5.64%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.

10

CVE-2004-0212

  • EPSS 85.02%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Interne...

7.8

CVE-2004-0213

  • EPSS 2.47%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to la...

10

CVE-2004-0540

  • EPSS 20.41%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.

7.5

CVE-2004-0726

Exploit
  • EPSS 20.49%
  • Veröffentlicht 27.07.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel.

7.5

CVE-2003-0533

  • EPSS 88.41%
  • Veröffentlicht 01.06.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and...

5

CVE-2003-0663

  • EPSS 41.38%
  • Veröffentlicht 01.06.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.

7.5

CVE-2003-0719

  • EPSS 78.36%
  • Veröffentlicht 01.06.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows re...

7.5

CVE-2003-0806

  • EPSS 72.49%
  • Veröffentlicht 01.06.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.