Microsoft

Windows 2000

516 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 42.63%
  • Veröffentlicht 02.04.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:59:33

The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference...

Exploit
  • EPSS 86.4%
  • Veröffentlicht 31.03.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:01:32

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

  • EPSS 23.77%
  • Veröffentlicht 24.03.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:01:19

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a lar...

  • EPSS 45.45%
  • Veröffentlicht 07.02.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:01:19

Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter inf...

  • EPSS 73.01%
  • Veröffentlicht 17.01.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:01:19

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

  • EPSS 24.27%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:59:48

Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not...

Exploit
  • EPSS 29.33%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:59:49

Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.

  • EPSS 1.45%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:59:54

Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.

  • EPSS 12.72%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:00:19

Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local use...

  • EPSS 1.96%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:00:31

The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.