CPE Details
Microsoft NetMeeting 3.0.1
3.0.1
2007-08-23
19h16 +00:00
19h16 +00:00
2008-04-15
21h00 +00:00
21h00 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:microsoft:netmeeting:3.0.1:*:*:*:*:*:*:*
Informations
Vendor
microsoftProduct
netmeetingVersion
3.0.1Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | 7.5 |
|||
| Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | 7.5 |
|||
| Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "..\.." (dot dot) sequences in a file transfer request. | 5 |
|||
| Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to cause a denial of service (shutdown of NetMeeting conference) via malformed packets, as demonstrated via the chat conversation. | 5 |
|||
| Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service (CPU utilization) via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability. | 5 |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.