Filtered by vendor Microsoft Subscriptions
Total 24964 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0012 2 Microsoft, Netscape 5 Frontpage, Internet Information Server, Personal Web Server and 2 more 2026-04-16 7 High
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVE-2000-0260 1 Microsoft 2 Frontpage, Visual Interdev 2026-04-16 N/A
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
CVE-2002-1286 1 Microsoft 1 Java Virtual Machine 2026-04-16 N/A
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user.
CVE-2004-2179 1 Microsoft 2 Frontpage, Ie 2026-04-16 N/A
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
CVE-2005-1219 1 Microsoft 1 Image Color Management 2026-04-16 N/A
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
CVE-2004-0840 1 Microsoft 3 Exchange Server, Windows Server 2003, Windows Xp 2026-04-16 N/A
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.
CVE-2004-0846 1 Microsoft 2 Excel, Office 2026-04-16 N/A
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.
CVE-2002-1695 2 Microsoft, Symantec 3 Internet Information Server, Internet Information Services, Norton Internet Security 2026-04-16 N/A
Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running.
CVE-2002-1714 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion.
CVE-2004-0199 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).
CVE-2002-1973 2 Microsoft, Working Resources Inc. 2 Foundation Class Library, Badblue 2026-04-16 N/A
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
CVE-2004-0284 1 Microsoft 3 Ie, Internet Explorer, Outlook 2026-04-16 N/A
Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name.
CVE-2003-0819 1 Microsoft 1 Proxy Server 2026-04-16 N/A
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
CVE-2004-2482 1 Microsoft 1 Outlook 2026-04-16 N/A
Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code.
CVE-1999-1544 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command.
CVE-2006-3945 2 Microsoft, Opera 2 Windows Xp, Opera Browser 2026-04-16 N/A
The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption.
CVE-1999-1364 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
CVE-1999-1365 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
CVE-1999-1375 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
CVE-1999-1376 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.