Windows 98
by Microsoft
CVEs (93)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0444 | 0.01 | — | 0.16 | Apr 12, 1999 | Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. | |||
| CVE-1999-1254 | 0.01 | — | 0.13 | Mar 8, 1999 | Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. | |||
| CVE-1999-1201 | 0.01 | — | 0.14 | Feb 6, 1999 | Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka… | |||
| CVE-1999-0357 | 0.01 | — | 0.16 | Jan 25, 1999 | Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. | |||
| CVE-2005-2388 | 0.00 | — | 0.02 | Jul 27, 2005 | Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. | |||
| CVE-2005-0060 | 0.00 | — | 0.02 | May 2, 2005 | Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application. | |||
| CVE-2005-0061 | 0.00 | — | 0.02 | May 2, 2005 | The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests. | |||
| CVE-2004-0207 | 0.00 | — | 0.02 | Nov 3, 2004 | "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of… | |||
| CVE-2002-2185 | 0.00 | — | 0.02 | Dec 31, 2002 | The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively… | |||
| CVE-2002-1139 | 0.00 | — | 0.04 | Oct 11, 2002 | The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka… | |||
| CVE-2000-0790 | 0.00 | — | 0.02 | Oct 20, 2000 | The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option… | |||
| CVE-1999-0590 | 0.00 | — | 0.06 | Jun 1, 2000 | A system does not present an appropriate legal message or warning to a user who is accessing it. | |||
| CVE-1999-0717 | 0.00 | — | 0.06 | May 7, 1999 | A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. |
- CVE-1999-0444Apr 12, 1999risk 0.01cvss —epss 0.16
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
- CVE-1999-1254Mar 8, 1999risk 0.01cvss —epss 0.13
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
- CVE-1999-1201Feb 6, 1999risk 0.01cvss —epss 0.14
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka…
- CVE-1999-0357Jan 25, 1999risk 0.01cvss —epss 0.16
Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.
- CVE-2005-2388Jul 27, 2005risk 0.00cvss —epss 0.02
Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.
- CVE-2005-0060May 2, 2005risk 0.00cvss —epss 0.02
Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.
- CVE-2005-0061May 2, 2005risk 0.00cvss —epss 0.02
The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests.
- CVE-2004-0207Nov 3, 2004risk 0.00cvss —epss 0.02
"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of…
- CVE-2002-2185Dec 31, 2002risk 0.00cvss —epss 0.02
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively…
- CVE-2002-1139Oct 11, 2002risk 0.00cvss —epss 0.04
The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka…
- CVE-2000-0790Oct 20, 2000risk 0.00cvss —epss 0.02
The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option…
- CVE-1999-0590Jun 1, 2000risk 0.00cvss —epss 0.06
A system does not present an appropriate legal message or warning to a user who is accessing it.
- CVE-1999-0717May 7, 1999risk 0.00cvss —epss 0.06
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
Page 5 of 5