CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0666
https://notcve.org/view.php?id=CVE-2001-0666
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox. • http://www.securityfocus.com/bid/3368 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-049 https://exchange.xforce.ibmcloud.com/vulnerabilities/7168 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2001-0543
https://notcve.org/view.php?id=CVE-2001-0543
Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. • http://www.securityfocus.com/bid/3183 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-043 https://exchange.xforce.ibmcloud.com/vulnerabilities/6977 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A334 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2001-1099
https://notcve.org/view.php?id=CVE-2001-1099
The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice. • http://www.securityfocus.com/archive/1/212724 http://www.securityfocus.com/archive/1/213762 http://www.securityfocus.com/bid/3305 https://exchange.xforce.ibmcloud.com/vulnerabilities/7093 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2001-0509
https://notcve.org/view.php?id=CVE-2001-0509
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-041 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A82 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0340
https://notcve.org/view.php?id=CVE-2001-0340
An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. • http://www.ciac.org/ciac/bulletins/l-091.shtml https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/6652 • CWE-434: Unrestricted Upload of File with Dangerous Type •