Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 2000
Subscriptions
Total
635 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0978 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 98se and 4 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter. | ||||
| CVE-2003-1544 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded. | ||||
| CVE-2004-0206 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more | 2026-04-16 | N/A |
| Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow. | ||||
| CVE-2004-0208 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | ||||
| CVE-2004-0209 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | ||||
| CVE-2004-0214 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 98 and 2 more | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | ||||
| CVE-2004-0567 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." | ||||
| CVE-2004-0568 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | ||||
| CVE-2004-0571 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2026-04-16 | N/A |
| Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. | ||||
| CVE-2004-0574 | 1 Microsoft | 4 Exchange Server, Windows 2000, Windows Nt and 1 more | 2026-04-16 | N/A |
| The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. | ||||
| CVE-2004-0790 | 2 Microsoft, Sun | 8 Windows 2000, Windows 2003 Server, Windows 98 and 5 more | 2026-04-16 | N/A |
| Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. | ||||
| CVE-2004-1049 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." | ||||
| CVE-2004-1080 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." | ||||
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | ||||
| CVE-2001-0349 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability. | ||||
| CVE-2001-0351 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service. | ||||
| CVE-2001-0502 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users. | ||||
| CVE-2001-0509 | 1 Microsoft | 4 Exchange Server, Sql Server, Windows 2000 and 1 more | 2026-04-16 | N/A |
| Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | ||||
| CVE-2004-0894 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program. | ||||
| CVE-2001-0659 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet. | ||||