Total
287 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0070 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
| NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request." | |||||
| CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2023-12-10 | 2.1 LOW | N/A |
| BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | |||||
| CVE-1999-0994 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. | |||||
| CVE-2001-0045 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 10.0 HIGH | N/A |
| The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. | |||||
| CVE-2004-1049 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2023-12-10 | 5.1 MEDIUM | N/A |
| Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." | |||||
| CVE-2003-0906 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2023-12-10 | 7.6 HIGH | N/A |
| Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | |||||
| CVE-2003-1469 | 2 Macromedia, Microsoft | 5 Coldfusion, Coldfusion Professional, Windows 2000 and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | |||||
| CVE-1999-0570 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 10.0 HIGH | N/A |
| Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. | |||||
| CVE-1999-0384 | 1 Microsoft | 6 Office, Outlook, Project and 3 more | 2023-12-10 | 4.6 MEDIUM | N/A |
| The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | |||||
| CVE-2002-1183 | 1 Microsoft | 3 Windows 98, Windows 98se, Windows Nt | 2023-12-10 | 7.5 HIGH | N/A |
| Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862). | |||||
| CVE-2002-0421 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr. | |||||
| CVE-1999-0444 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. | |||||
| CVE-2000-0885 | 1 Microsoft | 3 Systems Management Server, Windows 2000, Windows Nt | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates. | |||||
| CVE-2004-1306 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2023-12-10 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. | |||||
| CVE-2001-0509 | 1 Microsoft | 4 Exchange Server, Sql Server, Windows 2000 and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | |||||
| CVE-1999-0969 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork. | |||||
| CVE-2000-1227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. | |||||
| CVE-1999-0886 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 9.0 HIGH | N/A |
| The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. | |||||
| CVE-2000-0377 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability. | |||||
| CVE-1999-1463 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session. | |||||