Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 2000
Subscriptions
Total
635 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0032 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an error message whose charset is set to UTF-7. | ||||
| CVE-1999-0499 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| NETBIOS share information may be published through SNMP registry keys in NT. | ||||
| CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2025-04-03 | N/A |
| A system does not present an appropriate legal message or warning to a user who is accessing it. | ||||
| CVE-1999-0726 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. | ||||
| CVE-2000-0222 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs. | ||||
| CVE-2000-0232 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. | ||||
| CVE-2000-0416 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | ||||
| CVE-2000-0420 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data. | ||||
| CVE-2000-0580 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization. | ||||
| CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | ||||
| CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | ||||
| CVE-2000-1217 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | ||||
| CVE-2000-1227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. | ||||
| CVE-2001-1517 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information | ||||
| CVE-2002-0151 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2025-04-03 | N/A |
| Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request. | ||||
| CVE-2001-0015 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | ||||
| CVE-2002-0864 | 1 Microsoft | 4 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 1 more | 2025-04-03 | N/A |
| The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." | ||||
| CVE-2002-1184 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs. | ||||
| CVE-2002-1749 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges. | ||||
| CVE-2002-2328 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request. | ||||