The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Windows 2000

Windows: changing configuration via DHCP INFORM
An attacker can reply to DHCP INFORM queries of Windows, in order to alter its configuration...
VIGILANCE-VUL-14818
Microsoft HTML Help: buffer overflow
An attacker can invite the victim to open a malicious CHM file with Microsoft HTML Help, in order to execute code...
BID-47330, VIGILANCE-VUL-10562
Windows AD: buffer overflow of Browser RequestElection
An attacker can send a large RequestElection packet to the Windows Master Browser, in order to create a denial of service, and possibly to execute code...
2511455, BID-46360, CERTA-2011-AVI-202, CVE-2011-0654, MS11-019, VIGILANCE-VUL-10367, VU#323172
Windows: code execution via the SMB server
An attacker can connect to the SMB/CIFS server, in order to generate a denial of service or to execute code on the computer...
971468, BID-38049, BID-38051, BID-38054, BID-38085, CERTA-2010-AVI-070, CVE-2010-0020, CVE-2010-0021, CVE-2010-0022, CVE-2010-0231, MS10-012, VIGILANCE-VUL-9436
ASP.NET: information disclosure via Padding Oracle
An attacker can use ASP.NET as an "oracle" to decrypt information such as the View State object, or read a file such as "web.config"...
2416728, 2418042, BID-43316, CERTA-2010-AVI-458, CVE-2010-3332, MS10-070, SUSE-SU-2012:0393-1, VIGILANCE-VUL-9953
Windows: code execution via DLL Preload
An attacker can use a malicious DLL in order to execute code in the context of the targeted application...
2269637, VIGILANCE-VUL-9879, VU#707943
Windows: buffer overflow in CreateDIBPalette
A local attacker can use the clipboard, in order to generate a buffer overflow in the CreateDIBPalette() function, which can lead to code execution...
BID-42291, CVE-2010-2739, VIGILANCE-VUL-9817
Windows: code execution via LNK
An attacker can invite the victim to display a directory containing a malicious link, in order to execute code on his computer...
2286198, BID-41732, CERTA-2010-AVI-353, CVE-2010-2568, MS10-046, VIGILANCE-VUL-9770, VU#940193
Windows: buffer overflow of UpdateFrameTitleForDocument
An attacker can invite the victim to open a document with an application which changes the title of the window with UpdateFrameTitleForDocument(), in order to execute code on his computer...
2387149, BID-41333, CERTA-2010-AVI-484, CVE-2010-3227, MS10-074, VIGILANCE-VUL-9740
Windows: privilege elevation via CFF
A local attacker can use an OpenType Compact Font Format font, in order to obtain system privileges...
980218, BID-40572, CERTA-2010-AVI-249, CVE-2010-0819, MS10-037, VIGILANCE-VUL-9693
Our database contains other pages. You can request a free trial to read them.