LiveActive security incident?Get immediate response
CVE archive

September 2000

Browse CVE records published in September 2000, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 25 of 75 matching CVEs · Page 2 of 2.

Unknown · CVSS Not scored

CVE-2000-0746: Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks.

Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.

Published Sep 21, 2000 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2000-0736: Buffer overflow in Becky!

Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message.

Published Sep 21, 2000 · Updated Aug 8, 2024