Microsoft Windows 2000 Terminal Services — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Windows 2000 Terminal Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (24)
CVE-2002-1257 — CVSS 10.0 (critical): Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java…
CVE-2003-0010 — CVSS 7.5 (high): Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating…
CVE-2003-0003 — CVSS 7.5 (high): Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows…
CVE-2002-0693 — CVSS 7.5 (high): Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT…
CVE-2002-0444 — CVSS 7.5 (high): Microsoft Windows 2000 running the Terminal Server 90-day trial version, and possibly other versions, does not apply group policies to…
CVE-2005-1212 — CVSS 7.5 (high): Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a…
CVE-2002-1214 — CVSS 7.5 (high): Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and…
CVE-2002-0694 — CVSS 7.5 (high): The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows…
CVE-2003-0111 — CVSS 7.5 (high): The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer…
CVE-2002-1260 — CVSS 7.5 (high): The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security…
CVE-2003-0109 — CVSS 7.5 (high): Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows…
CVE-2003-0496 — CVSS 7.2 (high): Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist…
CVE-2002-0720 — CVSS 7.2 (high): A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that…
CVE-2002-1933 — CVSS 7.2 (high): The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized…
CVE-2005-1214 — CVSS 5.1 (medium): Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a…
CVE-2002-0863 — CVSS 5.0 (medium): Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext…
CVE-2002-1561 — CVSS 5.0 (medium): The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC…
CVE-2002-1325 — CVSS 5.0 (medium): Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet…
CVE-2002-1258 — CVSS 5.0 (medium): Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other…
CVE-2002-1256 — CVSS 5.0 (medium): The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable…
CVE-2002-0864 — CVSS 5.0 (medium): The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote…
CVE-2003-0001 — CVSS 5.0 (medium): Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain…
CVE-2003-0112 — CVSS 4.6 (medium): Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.
CVE-2002-1230 — CVSS 4.6 (medium): NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as…