CVSS: 5.0EPSS: 92%CPEs: 43EXPL: 0CVE-2002-1258
https://notcve.org/view.php?id=CVE-2002-1258
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. Dos vulnerabilidades en la Máquina Virtual de Microsoft (VM) hasta 5.0.3805 inclusive, como la usada en Internet Explorer y otras aplicaciones, permite a atacantes remotos leer ficheros mediante un applet Java con una localización falsificada en el parámetro CODEBASE de la etiqueta APPLET, posiblemente debido a un error de procesado. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A582 •
CVSS: 4.6EPSS: 0%CPEs: 28EXPL: 0CVE-2002-1184
https://notcve.org/view.php?id=CVE-2002-1184
The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs. La carpeta raíz de sistema de Microsoft Windows 2000 tienen permisos por defecto de accesso total para todos los usuarios, y está en el camino de búsqueda cuando se localizan programas durante el inicio de sesión o el lanzamiento de aplicaciones desde el escritorio, lo que puede permitir a atacantes ganar privilegios de otros usuarios mediante programas tipo caballo de Troya. • http://www.securityfocus.com/bid/5415 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-064 https://exchange.xforce.ibmcloud.com/vulnerabilities/9779 •
CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 10CVE-2002-1230 – Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation
https://notcve.org/view.php?id=CVE-2002-1230
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation." El Agente NetDDE en sistemas Windows permite a usuarios locales ejecutar código arbitrario mediante un mensaje WM_COPYDATA usando un ataque de estilo "destrozar" (shatter) • https://www.exploit-db.com/exploits/21922 https://www.exploit-db.com/exploits/21923 https://www.exploit-db.com/exploits/21684 https://www.exploit-db.com/exploits/21685 https://www.exploit-db.com/exploits/21686 https://www.exploit-db.com/exploits/21687 https://www.exploit-db.com/exploits/21688 https://www.exploit-db.com/exploits/21689 https://www.exploit-db.com/exploits/21690 https://www.exploit-db.com/exploits/21691 http://getad.chat.ru http://www.ciac •
CVSS: 7.5EPSS: 96%CPEs: 11EXPL: 0CVE-2002-1214 – MS02-063 PPTP Malformed Control Data Kernel Denial of Service
https://notcve.org/view.php?id=CVE-2002-1214
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. Desbordamiento de búfer en el servicio Microsoft PPTP en Windows XP y Windows 2000 permite a atacantes remotos causar una denegación de servicio (cuelgue) y posiblemente ejecutar código arbitrario mediante un cierto paquete PPTP. • http://online.securityfocus.com/archive/1/293146 http://www.iss.net/security_center/static/10199.php http://www.securityfocus.com/bid/5807 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-063 •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 1CVE-2001-1451
https://notcve.org/view.php?id=CVE-2001-1451
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B296815 http://www.kb.cert.org/vuls/id/887393 http://www.securityfocus.com/bid/6030 https://exchange.xforce.ibmcloud.com/vulnerabilities/10431 •