CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2002-1181
https://notcve.org/view.php?id=CVE-2002-1181
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors. Múltiples vulnerabilidades de scripting en sitios cruzados (XSS) en las páginas web de administració de Microsoft Internet Information Server (IIS) 4.0 a 5.1 permite a atacantes remotos ejecutar código HTML como otros usuarios. • http://marc.info/?l=bugtraq&m=103651224215736&w=2 http://www.ciac.org/ciac/bulletins/n-011.shtml http://www.iss.net/security_center/static/10501.php http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html http://www.securityfocus.com/bid/6068 http://www.securityfocus.com/bid/6072 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A942 https://oval.cise •
CVSS: 7.5EPSS: 96%CPEs: 11EXPL: 0CVE-2002-1214 – MS02-063 PPTP Malformed Control Data Kernel Denial of Service
https://notcve.org/view.php?id=CVE-2002-1214
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. Desbordamiento de búfer en el servicio Microsoft PPTP en Windows XP y Windows 2000 permite a atacantes remotos causar una denegación de servicio (cuelgue) y posiblemente ejecutar código arbitrario mediante un cierto paquete PPTP. • http://online.securityfocus.com/archive/1/293146 http://www.iss.net/security_center/static/10199.php http://www.securityfocus.com/bid/5807 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-063 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1141
https://notcve.org/view.php?id=CVE-2002-1141
An input validation error in the Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service via malformed fragmented RPC client packets, aka "Denial of service by sending an invalid RPC request." Un error en la validación de entrada en la librería de servicos RPC de Sun Microsystems en Unix 3.0 Interix SD, como la implementada en Microsost Windows NT4, 2000 y XP, permite a atacanes remotos causar una denegación de servicio mediante fragmentos malformados de paquetes de clientes RPC, también conocida como "Denegación de servicio mediante envío de peticiones RPC inválidas". • http://www.iss.net/security_center/static/10259.php http://www.securityfocus.com/bid/5880 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-057 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1140
https://notcve.org/view.php?id=CVE-2002-1140
The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service (service hang) via malformed packet fragments, aka "Improper parameter size check leading to denial of service." La librería de Servicios RPC de Sun Microsystems para Unix 3.0 Interix SD, implementada en Microsoft Windows NT4, 2000 y XP, permite a atacantes remotos causar una denegación de servicio (cuelge del servicio) mediante fragmentos de paquetes malformados, también conocida como "Comprobación equivocada de tamaño de parámetro conduciente a denegación de servidio". • http://www.iss.net/security_center/static/10258.php http://www.securityfocus.com/bid/5879 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-057 •
CVSS: 5.0EPSS: 4%CPEs: 14EXPL: 1CVE-2002-0864
https://notcve.org/view.php?id=CVE-2002-0864
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." • http://marc.info/?l=bugtraq&m=103235745116592&w=2 http://marc.info/?l=bugtraq&m=103236181522253&w=2 http://www.iss.net/security_center/static/10120.php http://www.securityfocus.com/bid/5713 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-051 •