CVSS: 7.5EPSS: 18%CPEs: 3EXPL: 1CVE-2002-0823 – Microsoft Windows 95/98/2000/NT 4.0 - WinHlp Item Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0823
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter. El desbordamiento del búfer en Winhlp32.exe permite a los atacantes remotos ejecutar código arbitrario a través de un documento HTML que llama al control HTML Help ActiveX (HHCtrl.ocx) con una ruta de acceso larga en el parámetro Item. • https://www.exploit-db.com/exploits/21485 http://marc.info/?l=bugtraq&m=102822806329440&w=2 http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3Bq293338 http://www.iss.net/security_center/static/9746.php http://www.osvdb.org/2991 http://www.securityfocus.com/bid/4857 •
CVSS: 10.0EPSS: 82%CPEs: 10EXPL: 4CVE-2002-0391
https://notcve.org/view.php?id=CVE-2002-0391
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P http://archives.neohapsis.com/archives/aix/2002-q4/0002.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html http://archives.neohapsis.com/archives/hp/2002-q3/0077.html http://bvl • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 1CVE-2002-0443
https://notcve.org/view.php?id=CVE-2002-0443
Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords. • http://online.securityfocus.com/archive/1/260704 http://www.iss.net/security_center/static/8402.php http://www.securityfocus.com/bid/4256 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2002-0444
https://notcve.org/view.php?id=CVE-2002-0444
Microsoft Windows 2000 running the Terminal Server 90-day trial version, and possibly other versions, does not apply group policies to incoming users when the number of connections to the SYSVOL share exceeds the maximum, e.g. with a maximum number of licenses, which can allow remote authenticated users to bypass group policies. • http://www.iss.net/security_center/static/8813.php http://www.securityfocus.com/archive/1/266729 http://www.securityfocus.com/bid/4464 •
CVSS: 7.2EPSS: 0%CPEs: 38EXPL: 0CVE-2002-0366
https://notcve.org/view.php?id=CVE-2002-0366
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry. • http://online.securityfocus.com/archive/1/276776 http://online.securityfocus.com/archive/1/278145 http://www.nextgenss.com/vna/ms-ras.txt http://www.securityfocus.com/bid/4852 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-029 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A61 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A63 •