CVSS: 7.5EPSS: 4%CPEs: 46EXPL: 0CVE-2002-0694
https://notcve.org/view.php?id=CVE-2002-0694
The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." • http://www.iss.net/security_center/static/10254.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A403 •
CVSS: 7.5EPSS: 88%CPEs: 46EXPL: 1CVE-2002-0693 – Microsoft Windows XP/2000/NT 4.0 - Help Facility ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0693
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. Desbordamiento de búfer en el control ActiveX de ayuda HTML (hhctrl.ocx) en Microsoft Windows 98, 98 SE, Me, NT4, 2000 y XP, permite a atacantes remotos ejecutar código arbitrario mediante un parámetro largo en la función Alink. • https://www.exploit-db.com/exploits/21902 http://marc.info/?l=bugtraq&m=103365849505409&w=2 http://marc.info/?l=bugtraq&m=103419115517344&w=2 http://marc.info/?l=bugtraq&m=103435279404182&w=2 http://www.iss.net/security_center/static/10253.php http://www.securityfocus.com/bid/5874 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A374 •
CVSS: 5.0EPSS: 2%CPEs: 22EXPL: 0CVE-2002-0863
https://notcve.org/view.php?id=CVE-2002-0863
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." • http://marc.info/?l=bugtraq&m=103235960119404&w=2 http://marc.info/?l=bugtraq&m=103236181522253&w=2 http://www.iss.net/security_center/static/10121.php http://www.iss.net/security_center/static/10122.php http://www.kb.cert.org/vuls/id/865833 http://www.securityfocus.com/bid/5711 http://www.securityfocus.com/bid/5712 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mi •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2002-0720
https://notcve.org/view.php?id=CVE-2002-0720
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. Una rutina manejadora en el Network Connection Manager (NCM) permite a usuarios locales ganar privilegios mediante un complejo ataque que hace que el manejador corra en el contexto LocalSystem con código especificado por el usuario. • http://www.iss.net/security_center/static/9856.php http://www.securityfocus.com/bid/5480 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-042 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A26 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0697
https://notcve.org/view.php?id=CVE-2002-0697
Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials. Microsoft Metadirectory Services (MMS) 2.2 permite que atacantes remotos se salten la autentificación y modifiquen datos importantes usando un cliente LDAP para conectarse directamente a MMS y saltarse las comprobaciones de credenciales para MMS. • http://www.iss.net/security_center/static/9657.php http://www.securityfocus.com/bid/5308 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-036 •