CVSS: 7.8EPSS: 21%CPEs: 46EXPL: 0CVE-2002-0694
https://notcve.org/view.php?id=CVE-2002-0694
10 Oct 2002 — The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." • http://www.iss.net/security_center/static/10254.php •
CVSS: 9.8EPSS: 50%CPEs: 46EXPL: 1CVE-2002-0693 – Microsoft Windows XP/2000/NT 4.0 - Help Facility ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0693
05 Oct 2002 — Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. Desbordamiento de búfer en el control ActiveX de ayuda HTML (hhctrl.ocx) en Microsoft Windows 98, 98 SE, Me, NT4, 2000 y XP, permite a atacantes remotos ejecutar ... • https://www.exploit-db.com/exploits/21902 •
CVSS: 6.8EPSS: 20%CPEs: 11EXPL: 1CVE-2002-0862 – Microsoft Internet Explorer 5/6 / Konqueror 2.2.2/3.0 / Weblogic Server 5/6/7 - Invalid X.509 Certificate Chain
https://notcve.org/view.php?id=CVE-2002-0862
10 Sep 2002 — The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explo... • https://www.exploit-db.com/exploits/21692 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 4%CPEs: 6EXPL: 0CVE-2002-0699
https://notcve.org/view.php?id=CVE-2002-0699
31 Aug 2002 — Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. Vulnerabilidad desconocida en el Control ActiveX de Enrolamiento de Certificados (Certificate Enrollment) en Microsoft Windows 98, Windows 98 Segunda Edición, Windows Millenium, Windows NT 4.0, Windows 2000 y Windows XP, permite a atacantes rem... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-048 •
CVSS: 8.4EPSS: 24%CPEs: 5EXPL: 0CVE-2002-0070
https://notcve.org/view.php?id=CVE-2002-0070
15 Mar 2002 — Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. El desbordamiento del búfer en el Windows Shell (usado como escritorio de Windows) permite a atacantes locales y posibles atacantes remotos, la ejecución de código arbitrario mediante un manejador de URL que no ha sido eliminado de una aplicación defectuosamente desinstal... • http://marc.info/?l=bugtraq&m=101594127017290&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 33%CPEs: 6EXPL: 0CVE-2002-0053
https://notcve.org/view.php?id=CVE-2002-0053
18 Feb 2002 — Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. Desbordamiento de buffer en el agente del servicio SNMP en Windows 95/98/98SE... • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0012 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 81%CPEs: 4EXPL: 2CVE-2001-0876 – Microsoft Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0876
20 Dec 2001 — Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. Desbordamiento de buffer en UPnP (Universal Plug and Play) en Windows 98, 98E, Me y XP permite a atacantes remotos ejecutar código arbitrario por medio de una directiva NOTIFY con una URL muy larga. • https://www.exploit-db.com/exploits/21188 •
CVSS: 7.5EPSS: 59%CPEs: 4EXPL: 0CVE-2001-0877
https://notcve.org/view.php?id=CVE-2001-0877
20 Dec 2001 — Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system. Desbordamiento de buffer en UPnP (Universal Plug and Play) en Windows 98, 98E, Me... • http://marc.info/?l=bugtraq&m=100887440810532&w=2 •
CVSS: 7.5EPSS: 19%CPEs: 4EXPL: 0CVE-2001-0721
https://notcve.org/view.php?id=CVE-2001-0721
22 Nov 2001 — Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. • http://marc.info/?l=bugtraq&m=100467787323377&w=2 •
CVSS: 7.5EPSS: 15%CPEs: 2EXPL: 2CVE-2001-1055 – Microsoft Windows 98 - ARP Denial of Service
https://notcve.org/view.php?id=CVE-2001-1055
30 Jul 2001 — The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. • https://www.exploit-db.com/exploits/21040 •