Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2002-0027 7.5
Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Ver
23-07-2021 - 12:55 08-03-2002 - 05:00
CVE-2002-0022 7.5
Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings
23-07-2021 - 12:55 08-03-2002 - 05:00
CVE-2001-0875 7.5
Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download.
23-07-2021 - 12:55 26-11-2001 - 05:00
CVE-2001-0154 7.5
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
23-07-2021 - 12:18 03-05-2001 - 04:00
CVE-2004-0574 10.0
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, poss
09-04-2020 - 13:50 03-11-2004 - 05:00
CVE-2003-0904 6.0
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authenticatio
09-04-2020 - 13:49 20-01-2004 - 05:00
CVE-2005-1218 5.0
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
30-04-2019 - 14:27 10-08-2005 - 04:00
CVE-2003-0824 5.0
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain
30-04-2019 - 14:27 15-12-2003 - 05:00
CVE-2004-0202 5.0
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.
30-04-2019 - 14:27 06-08-2004 - 04:00
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
30-04-2019 - 14:27 17-01-2003 - 05:00
CVE-2004-0654 2.1
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic
30-10-2018 - 16:26 06-08-2004 - 04:00
CVE-2012-2552 4.3
Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or H
12-10-2018 - 22:03 09-10-2012 - 21:55
CVE-2005-2128 5.0
QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.
12-10-2018 - 21:37 12-10-2005 - 13:04
CVE-2005-1983 10.0
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious applica
12-10-2018 - 21:36 10-08-2005 - 04:00
CVE-2005-1984 7.5
Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
12-10-2018 - 21:36 10-08-2005 - 04:00
CVE-2004-0847 7.5
The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Valid
12-10-2018 - 21:35 03-11-2004 - 05:00
CVE-2004-0204 7.5
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.
12-10-2018 - 21:34 06-08-2004 - 04:00
CVE-2003-0820 7.5
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
12-10-2018 - 21:33 15-12-2003 - 05:00
CVE-2003-0821 7.5
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
12-10-2018 - 21:33 15-12-2003 - 05:00
CVE-2003-0905 5.0
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP pack
12-10-2018 - 21:33 15-04-2004 - 04:00
CVE-2003-0664 7.5
Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.
12-10-2018 - 21:32 20-10-2003 - 04:00
CVE-2003-0681 7.5
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
03-05-2018 - 01:29 06-10-2003 - 04:00
CVE-2002-1117 5.0
Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
10-10-2017 - 01:30 04-10-2002 - 04:00
Back to Top Mark selected
Back to Top