CRITICAL🇵🇱 Wersja polska

CVE-2000-1218

CVSS 9.8v3.1pub. 2000-04-14upd. 2026-04-16

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Windows 2000

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows 98

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows 98se

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Nt

    OS
    Microsoft
    4.0
  • Microsoft Windows Xp

    OS
    Microsoft
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2014-1776CRITICAL9.8⚠ KEVten sam produkt

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute ar...

CVE-2008-4250CRITICAL9.8⚠ KEVten sam produkt

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1,...

CVE-2019-5620CRITICAL9.8ten sam produkt

ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical...

CVE-2020-7485CRITICAL9.8ten sam produkt

**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and...

CVE-2012-1891CRITICAL9.8ten sam produkt

Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access ...