CVSS: 7.5EPSS: 48%CPEs: 7EXPL: 0CVE-2002-0055
https://notcve.org/view.php?id=CVE-2002-0055
08 Mar 2002 — SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request. El servicio SMTP en Windows 2000/XP Professional y Exchange 2000 permite a atacantes remotos provocar denegación de servico mediante un comando con una petición transferencia de datos malformada. • http://marc.info/?l=bugtraq&m=101558498401274&w=2 • CWE-669: Incorrect Resource Transfer Between Spheres •
CVSS: 9.1EPSS: 11%CPEs: 1EXPL: 0CVE-2002-0049
https://notcve.org/view.php?id=CVE-2002-0049
08 Mar 2002 — Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. Microsoft Exchange Server 2000 System Attendant da a el grupo "Todos" privilegios para modificar las claves del registro, lo que podría permitir a atacantes remotos leer o modifcar claves del registro. • http://www.osvdb.org/2042 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0666
https://notcve.org/view.php?id=CVE-2001-0666
30 Oct 2001 — Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox. • http://www.securityfocus.com/bid/3368 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 8%CPEs: 3EXPL: 0CVE-2001-0543
https://notcve.org/view.php?id=CVE-2001-0543
20 Sep 2001 — Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. • http://www.securityfocus.com/bid/3183 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 0CVE-2001-1099
https://notcve.org/view.php?id=CVE-2001-1099
07 Sep 2001 — The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice. • http://www.securityfocus.com/archive/1/212724 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 13%CPEs: 9EXPL: 0CVE-2001-0509
https://notcve.org/view.php?id=CVE-2001-0509
29 Aug 2001 — Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-041 • CWE-20: Improper Input Validation •
CVSS: 7.6EPSS: 7%CPEs: 2EXPL: 0CVE-2001-0340
https://notcve.org/view.php?id=CVE-2001-0340
21 Jul 2001 — An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. • http://www.ciac.org/ciac/bulletins/l-091.shtml • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 10%CPEs: 2EXPL: 0CVE-2001-1319
https://notcve.org/view.php?id=CVE-2001-1319
16 Jul 2001 — Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter type field, as demonstrated by the PROTOS LDAPv3 test suite. • http://ciac.llnl.gov/ciac/bulletins/l-116.shtml •
CVSS: 7.5EPSS: 12%CPEs: 2EXPL: 0CVE-2001-0146
https://notcve.org/view.php?id=CVE-2001-0146
09 Mar 2001 — IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. • http://www.kb.cert.org/vuls/id/796584 •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-2000-1139
https://notcve.org/view.php?id=CVE-2000-1139
09 Jan 2001 — The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. • http://www.securityfocus.com/bid/1958 • CWE-798: Use of Hard-coded Credentials •