VYPR

Windows Nt

by Microsoft

CVEs (279)

  • CVE-2008-1453Jun 12, 2008
    risk 0.00cvss epss 0.02

    The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.

  • CVE-2007-1973Apr 11, 2007
    risk 0.00cvss epss 0.01

    Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.

  • CVE-2004-0893Jan 10, 2005
    risk 0.00cvss epss 0.02

    The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel…

  • CVE-2004-0208Nov 3, 2004
    risk 0.00cvss epss 0.02

    The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly…

  • CVE-2004-0207Nov 3, 2004
    risk 0.00cvss epss 0.02

    "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of…

  • CVE-2003-0112May 12, 2003
    risk 0.00cvss epss 0.02

    Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.

  • CVE-2002-2401Dec 31, 2002
    risk 0.00cvss epss 0.02

    NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.

  • CVE-2002-2028Dec 31, 2002
    risk 0.00cvss epss 0.02

    The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.

  • CVE-2002-1184Nov 12, 2002
    risk 0.00cvss epss 0.02

    The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other…

  • CVE-2002-0366Jul 3, 2002
    risk 0.00cvss epss 0.03

    Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

  • CVE-2002-0151Apr 4, 2002
    risk 0.00cvss epss 0.04

    Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.

  • CVE-2001-1288Jul 27, 2001
    risk 0.00cvss epss 0.06

    Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.

  • CVE-2001-1244Jul 7, 2001
    risk 0.00cvss epss 0.35

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that…

  • CVE-2001-0373Jun 18, 2001
    risk 0.00cvss epss 0.03

    The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.

  • CVE-2001-0281May 3, 2001
    risk 0.00cvss epss 0.05

    Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.

  • CVE-2001-0016Mar 12, 2001
    risk 0.00cvss epss 0.02

    NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.

  • CVE-2001-0047Feb 16, 2001
    risk 0.00cvss epss 0.06

    The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities.

  • CVE-2001-0046Feb 16, 2001
    risk 0.00cvss epss 0.05

    The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.

  • CVE-2000-0663Jul 25, 2000
    risk 0.00cvss epss 0.02

    The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative…

  • CVE-1999-0585Jul 1, 2000
    risk 0.00cvss epss 0.02

    A Windows NT administrator account has the default name of Administrator.

Page 11 of 14