Buffer Overflow in Microsoft CMD.EXE for Windows Products
CVE-2000-0331

Currently unrated

Key Information:

Vendor: Microsoft
Status: Terminal Server
Vendor: CVE Published:; 20 April 2000

What is CVE-2000-0331?

A buffer overflow vulnerability in the Microsoft command processor (CMD.EXE) provides a local user the ability to trigger a denial of service. This occurs when excessively long environment variables are processed, leading to potential disruption in system operations. The issue affects Windows NT and Windows 2000, highlighting the need for secure coding practices and user awareness regarding input limitations.

References

http://archives.neohapsis.com/archives/bugtraq/2000-04/01...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/1135

vdb-entryx_refsource_BID

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
May 11, 2000
Vulnerability published
Apr 20, 2000