CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2001-0509
https://notcve.org/view.php?id=CVE-2001-0509
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-041 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A82 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0340
https://notcve.org/view.php?id=CVE-2001-0340
An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. • http://www.ciac.org/ciac/bulletins/l-091.shtml https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/6652 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0CVE-2001-1319
https://notcve.org/view.php?id=CVE-2001-1319
Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter type field, as demonstrated by the PROTOS LDAPv3 test suite. • http://ciac.llnl.gov/ciac/bulletins/l-116.shtml http://www.cert.org/advisories/CA-2001-18.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3 http://www.kb.cert.org/vuls/id/763400 http://www.kb.cert.org/vuls/id/CFCN-4YAQC7 http://www.securityfocus.com/bid/3045 https://exchange.xforce.ibmcloud.com/vulnerabilities/6899 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2001-0146
https://notcve.org/view.php?id=CVE-2001-0146
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. • http://www.kb.cert.org/vuls/id/796584 http://www.securityfocus.com/bid/2440 http://www.securityfocus.com/bid/2441 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/6171 https://exchange.xforce.ibmcloud.com/vulnerabilities/6172 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-1139
https://notcve.org/view.php?id=CVE-2000-1139
The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. • http://www.securityfocus.com/bid/1958 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-088 https://exchange.xforce.ibmcloud.com/vulnerabilities/5537 • CWE-798: Use of Hard-coded Credentials •