| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
701 |
CVE-2002-2105 |
|
|
|
2002-12-31 |
2017-12-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. |
|
702 |
CVE-2002-2028 |
|
|
|
2002-12-31 |
2019-04-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not
verify if a domain account has already been locked when a valid password
is provided, which makes it easier for users with physical access to
conduct brute force password guessing. |
|
703 |
CVE-2002-1932 |
|
|
|
2002-12-31 |
2019-04-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Microsoft Windows XP and Windows 2000, when configured to send
administrative alerts and the "Do not overwrite events (clear log
manually)" option is set, does not notify the administrator when the log
reaches its maximum size, which allows local users and remote attackers
to avoid detection. |
|
704 |
CVE-2002-1670 |
|
|
|
2002-12-31 |
2017-07-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Microsoft Windows XP Professional upgrade edition overwrites
previously installed patches for Internet Explorer 6.0, leaving Internet
Explorer unpatched. |
|
705 |
CVE-2002-1561 |
|
|
DoS |
2003-04-02 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP
allows remote attackers to cause a denial of service (disabled RPC
service) via a malformed packet to the RPC Endpoint Mapper at TCP port
135, which triggers a null pointer dereference. |
|
706 |
CVE-2002-1327 |
|
|
Exec Code Overflow |
2002-12-26 |
2018-10-12 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the Windows Shell function in Microsoft Windows
XP allows remote attackers to execute arbitrary code via an .MP3 or
.WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer
in Windows Shell Could Enable System Compromise." |
|
707 |
CVE-2002-1325 |
|
|
|
2002-12-23 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows
remote attackers to determine a local user's username via a Java applet
that accesses the user.dir system property, aka "User.dir Exposure
Vulnerability." |
|
708 |
CVE-2002-1260 |
|
|
Bypass |
2002-12-23 |
2019-04-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual
Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass
security checks and access database contents via an untrusted Java
applet. |
|
709 |
CVE-2002-1258 |
|
|
|
2002-12-23 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and
including build 5.0.3805, as used in Internet Explorer and other
applications, allow remote attackers to read files via a Java applet
with a spoofed location in the CODEBASE parameter in the APPLET tag,
possibly due to a parsing error. |
|
710 |
CVE-2002-1257 |
|
|
Exec Code |
2002-12-23 |
2019-04-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Virtual Machine (VM) up to and including build 5.0.3805
allows remote attackers to execute arbitrary code by including a Java
applet that invokes COM (Component Object Model) objects in a web site
or an HTML mail. |
|
711 |
CVE-2002-1256 |
|
|
|
2002-12-23 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The SMB signing capability in the Server Message Block (SMB)
protocol in Microsoft Windows 2000 and Windows XP allows attackers to
disable the digital signing settings in an SMB session to force the data
to be sent unsigned, then inject data into the session without
detection, e.g. by modifying group policy information sent from a domain
controller. |
|
712 |
CVE-2002-1214 |
|
|
DoS Exec Code Overflow |
2002-10-28 |
2019-04-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Microsoft PPTP Service on Windows XP and
Windows 2000 allows remote attackers to cause a denial of service (hang)
and possibly execute arbitrary code via a certain PPTP packet with
malformed control data. |
|
713 |
CVE-2002-1139 |
|
|
|
2002-10-11 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The Compressed Folders feature in Microsoft Windows 98 with Plus!
Pack, Windows Me, and Windows XP does not properly check the destination
folder during the decompression of ZIP files, which allows attackers to
place an executable file in a known location on a user's system, aka
"Incorrect Target Path for Zipped File Decompression." |
|
714 |
CVE-2002-0974 |
|
|
|
2002-09-24 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Help and Support Center for Windows XP allows remote attackers to
delete arbitrary files via a link to the hcp: protocol that accesses
uplddrvinfo.htm. |
|
715 |
CVE-2002-0864 |
|
|
DoS |
2002-10-11 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP
allows remote attackers to cause a denial of service (crash) when
Remote Desktop is enabled via a PDU Confirm Active data packet that does
not set the Pattern BLT command, aka "Denial of Service in Remote
Desktop." |
|
716 |
CVE-2002-0863 |
|
|
|
2002-10-11 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000
and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext
session data, which could allow a remote attacker to determine the
contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP
Protocol." |
|
717 |
CVE-2002-0862 |
|
|
|
2002-10-04 |
2019-04-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The (1) CertGetCertificateChain, (2)
CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the
CryptoAPI for Microsoft products including Microsoft Windows 98 through
XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for
Mac, do not properly verify the Basic Constraints of intermediate
CA-signed X.509 certificates, which allows remote attackers to spoof the
certificates of trusted sites via a man-in-the-middle attack for SSL
sessions, as originally reported for Internet Explorer and IIS. |
|
718 |
CVE-2002-0724 |
|
|
DoS Overflow |
2002-09-24 |
2019-04-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in SMB (Server Message Block) protocol in
Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to
cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a
request for the (1) NetShareEnum, (2) NetServerEnum2, or (3)
NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead
to Denial of Service". |
|
719 |
CVE-2002-0699 |
|
|
|
2002-10-04 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Unknown vulnerability in the Certificate Enrollment ActiveX
Control in Microsoft Windows 98, Windows 98 Second Edition, Windows
Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote
attackers to delete digital certificates on a user's system via HTML.
|
|
720 |
CVE-2002-0694 |
|
|
Exec Code |
2002-10-10 |
2019-04-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The HTML Help facility in Microsoft Windows 98, 98 Second Edition,
Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows
2000, and Windows XP uses the Local Computer Security Zone when opening
.chm files from the Temporary Internet Files folder, which allows remote
attackers to execute arbitrary code via HTML mail that references or
inserts a malicious .chm file containing shortcuts that can be executed,
aka "Code Execution via Compiled HTML Help File." |
|
721 |
CVE-2002-0693 |
|
|
Exec Code Overflow |
2002-10-10 |
2019-04-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in
Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT
4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote
attackers to execute code via (1) a long parameter to the Alink
function, or (2) script containing a long argument to the showHelp
function. |
|
722 |
CVE-2002-0692 |
|
|
DoS Overflow |
2002-10-10 |
2019-04-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft
FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers
to cause a denial of service (CPU consumption) or run arbitrary code,
respectively, via a certain type of web file request. |
|
723 |
CVE-2002-0370 |
|
|
DoS Exec Code Overflow |
2002-10-10 |
2018-10-12 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the ZIP capability for multiple products allows
remote attackers to cause a denial of service or execute arbitrary code
via ZIP files containing entries with long filenames, including (1)
Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME,
(4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6)
Stuffit Expander before 7.0. |
|
724 |
CVE-2002-0366 |
|
|
Exec Code Overflow |
2002-07-03 |
2019-04-30 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Remote Access Service (RAS) phonebook for
Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS)
allows local users to execute arbitrary code by modifying the
rasphone.pbk file to use a long dial-up entry. |
|
725 |
CVE-2002-0283 |
|
|
DoS |
2002-05-31 |
2016-10-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Windows XP with port 445 open allows remote attackers to cause a
denial of service (CPU consumption) via a flood of TCP SYN packets
containing possibly malformed data. |
|
726 |
CVE-2002-0151 |
|
|
DoS Overflow +Priv |
2002-04-04 |
2019-04-30 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft
Windows operating systems allows local users to cause a denial of
service or possibly gain SYSTEM privileges via a long UNC request. |
|
727 |
CVE-2002-0057 |
|
|
|
2002-03-08 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
XMLHTTP control in Microsoft XML Core Services 2.6 and later does
not properly handle IE Security Zone settings, which allows remote
attackers to read arbitrary files by specifying a local file as an XML
Data Source. |
|
728 |
CVE-2002-0055 |
|
|
DoS |
2002-03-08 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SMTP service in Microsoft Windows 2000, Windows XP Professional,
and Exchange 2000 allows remote attackers to cause a denial of service
via a command with a malformed data transfer (BDAT) request. |
|
729 |
CVE-2002-0053 |
119 |
|
DoS Exec Code Overflow |
2002-03-08 |
2018-10-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in SNMP agent service in Windows 95/98/98SE,
Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to
cause a denial of service or execute arbitrary code via a malformed
management request. NOTE: this candidate may be split or merged with
other candidates. This and other PROTOS-related candidates, especially
CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate
information is available. |
|
730 |
CVE-2002-0034 |
|
|
|
2004-02-03 |
2019-04-30 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Microsoft CONVERT.EXE program, when used on Windows 2000 and
Windows XP systems, does not apply the default NTFS permissions when
converting a FAT32 file system, which could cause the conversion to
produce a file system with less secure permissions than expected. |
|
731 |
CVE-2001-1571 |
|
|
|
2001-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Remote Desktop client in Windows XP sends the most recent user
account name in cleartext, which could allow remote attackers to obtain
terminal server user account names via sniffing. |
|
732 |
CVE-2001-1570 |
|
|
|
2001-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Windows XP with fast user switching and account lockout enabled
allows local users to deny user account access by setting the fast user
switch to the same user (self) multiple times, which causes other
accounts to be locked out. |
|
733 |
CVE-2001-1560 |
|
|
DoS |
2001-12-31 |
2019-04-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000
and XP allows local users to cause a denial of service (system crash) by
calling the ShowWindow function after receiving a WM_NCCREATE message.
|
|
734 |
CVE-2001-1200 |
|
|
Bypass |
2001-12-17 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Windows XP allows local users to bypass a locked screen
and run certain programs that are associated with Hot Keys. |
|
735 |
CVE-2001-0909 |
|
|
Exec Code Overflow |
2001-11-21 |
2017-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in helpctr.exe program in Microsoft Help Center
for Windows XP allows remote attackers to execute arbitrary code via a
long hcp: URL. |
|
736 |
CVE-2001-0879 |
|
|
DoS |
2001-12-20 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Format string vulnerability in the C runtime functions in SQL
Server 7.0 and 2000 allows attackers to cause a denial of service. |
|
737 |
CVE-2001-0877 |
|
|
DoS |
2001-12-20 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP
allows remote attackers to cause a denial of service via (1) a spoofed
SSDP advertisement that causes the client to connect to a service on
another machine that generates a large amount of traffic (e.g.,
chargen), or (2) via a spoofed SSDP announcement to broadcast or
multicast addresses, which could cause all UPnP clients to send traffic
to a single target system. |
|
738 |
CVE-2001-0876 |
|
|
Exec Code Overflow |
2001-12-20 |
2018-10-12 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98,
98SE, ME, and XP allows remote attackers to execute arbitrary code via a
NOTIFY directive with a long Location URL. |
|
739 |
CVE-2001-0860 |
|
|
|
2001-12-06 |
2017-10-09 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Terminal Services Manager MMC in Windows 2000 and XP trusts the
Client Address (IP address) that is provided by the client instead of
obtaining it from the packet headers, which allows clients to spoof
their public IP address, e.g. through a Network Address Translation
(NAT). |
|
740 |
CVE-2001-0721 |
|
|
DoS |
2001-12-06 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP
allows remote attackers to cause a denial of service (memory consumption
or crash) via a malformed UPnP request. |
|
741 |
CVE-2000-1218 |
|
|
|
2000-04-14 |
2019-04-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The default configuration for the domain name resolver for
Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching
parameter to 0, which causes Windows to accept DNS updates from hosts
that it did not query, which allows remote attackers to poison the DNS
cache. |
