RSS   Vulnerabilities for 'Windows 2000 terminal services'   RSS

2005-06-14
 
CVE-2005-1214

CWE-Other
 

 
Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

 
 
CVE-2005-1212

CWE-Other
 

 
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.

 
2003-08-18
 
CVE-2003-0496

CWE-Other
 

 
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.

 
2003-05-12
 
CVE-2003-0112

CWE-Other
 

 
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.

 
2003-05-05
 
CVE-2003-0111

CWE-Other
 

 
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."

 
2003-03-31
 
CVE-2003-0109

CWE-Other
 

 
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

 
2003-03-24
 
CVE-2003-0010

CWE-Other
 

 
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

 
2003-02-07
 
CVE-2003-0003

CWE-Other
 

 
Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.

 
2003-01-17
 
CVE-2003-0001

CWE-200
 

 
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

 
2002-12-31
 
CVE-2002-1933

 

 
The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window.

 


Copyright 2024, cxsecurity.com

 

Back to Top