CVSS: 8.4EPSS: 30%CPEs: 20EXPL: 0CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
05 Oct 2002 — Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecu... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html •
CVSS: 9.8EPSS: 50%CPEs: 46EXPL: 1CVE-2002-0693 – Microsoft Windows XP/2000/NT 4.0 - Help Facility ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0693
05 Oct 2002 — Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. Desbordamiento de búfer en el control ActiveX de ayuda HTML (hhctrl.ocx) en Microsoft Windows 98, 98 SE, Me, NT4, 2000 y XP, permite a atacantes remotos ejecutar ... • https://www.exploit-db.com/exploits/21902 •
CVSS: 6.8EPSS: 20%CPEs: 11EXPL: 1CVE-2002-0862 – Microsoft Internet Explorer 5/6 / Konqueror 2.2.2/3.0 / Weblogic Server 5/6/7 - Invalid X.509 Certificate Chain
https://notcve.org/view.php?id=CVE-2002-0862
10 Sep 2002 — The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explo... • https://www.exploit-db.com/exploits/21692 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 4%CPEs: 6EXPL: 0CVE-2002-0699
https://notcve.org/view.php?id=CVE-2002-0699
31 Aug 2002 — Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. Vulnerabilidad desconocida en el Control ActiveX de Enrolamiento de Certificados (Certificate Enrollment) en Microsoft Windows 98, Windows 98 Segunda Edición, Windows Millenium, Windows NT 4.0, Windows 2000 y Windows XP, permite a atacantes rem... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-048 •
CVSS: 7.5EPSS: 19%CPEs: 1EXPL: 0CVE-2001-1552
https://notcve.org/view.php?id=CVE-2001-1552
31 Dec 2001 — ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0133.html •
CVSS: 9.8EPSS: 81%CPEs: 4EXPL: 2CVE-2001-0876 – Microsoft Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0876
20 Dec 2001 — Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. Desbordamiento de buffer en UPnP (Universal Plug and Play) en Windows 98, 98E, Me y XP permite a atacantes remotos ejecutar código arbitrario por medio de una directiva NOTIFY con una URL muy larga. • https://www.exploit-db.com/exploits/21188 •
CVSS: 7.5EPSS: 59%CPEs: 4EXPL: 0CVE-2001-0877
https://notcve.org/view.php?id=CVE-2001-0877
20 Dec 2001 — Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system. Desbordamiento de buffer en UPnP (Universal Plug and Play) en Windows 98, 98E, Me... • http://marc.info/?l=bugtraq&m=100887440810532&w=2 •
CVSS: 7.5EPSS: 19%CPEs: 4EXPL: 0CVE-2001-0721
https://notcve.org/view.php?id=CVE-2001-0721
22 Nov 2001 — Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. • http://marc.info/?l=bugtraq&m=100467787323377&w=2 •
CVSS: 7.5EPSS: 5%CPEs: 6EXPL: 0CVE-2001-0238
https://notcve.org/view.php?id=CVE-2001-0238
02 Jul 2001 — Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. • http://www.ciac.org/ciac/bulletins/l-074.shtml •
CVSS: 8.8EPSS: 16%CPEs: 4EXPL: 0CVE-2001-0003
https://notcve.org/view.php?id=CVE-2001-0003
12 Feb 2001 — Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. • http://www.securityfocus.com/bid/2199 •