Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 2000
Subscriptions
Total
635 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0534 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input. | ||||
| CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | ||||
| CVE-2000-0404 | 1 Microsoft | 5 Terminal Server, Windows 2000, Windows 95 and 2 more | 2025-04-03 | N/A |
| The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | ||||
| CVE-2000-0487 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability. | ||||
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | ||||
| CVE-2003-1469 | 2 Macromedia, Microsoft | 5 Coldfusion, Coldfusion Professional, Windows 2000 and 2 more | 2025-04-03 | N/A |
| The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | ||||
| CVE-2002-1325 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2025-04-03 | N/A |
| Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | ||||
| CVE-1999-0716 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. | ||||
| CVE-2000-0581 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash. | ||||
| CVE-2000-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability. | ||||
| CVE-2002-2328 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request. | ||||
| CVE-2003-0995 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request. | ||||
| CVE-2005-2117 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Explorer and 1 more | 2025-04-03 | N/A |
| Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code. | ||||
| CVE-2005-2122 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118. | ||||
| CVE-2005-2126 | 1 Microsoft | 4 Ie, Windows 2000, Windows 2003 Server and 1 more | 2025-04-03 | N/A |
| The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames. | ||||
| CVE-2001-0509 | 1 Microsoft | 4 Exchange Server, Sql Server, Windows 2000 and 1 more | 2025-04-03 | N/A |
| Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | ||||
| CVE-1999-0503 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| A Windows NT local user or administrator account has a guessable password. | ||||
| CVE-2000-0416 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | ||||
| CVE-2001-0018 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests. | ||||
| CVE-2000-0834 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability. | ||||