Windows Nt
by Microsoft
CVEs (279)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0987 | 0.00 | — | 0.05 | Nov 18, 1999 | Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name. | |||
| CVE-1999-0728 | 0.00 | — | 0.06 | Jul 6, 1999 | A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. | |||
| CVE-1999-1365 | 0.00 | — | 0.02 | Jun 28, 1999 | Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a… | |||
| CVE-1999-0717 | 0.00 | — | 0.06 | May 7, 1999 | A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | |||
| CVE-1999-0366 | 0.00 | — | 0.04 | Feb 8, 1999 | In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | |||
| CVE-1999-0119 | 0.00 | — | 0.06 | Jan 19, 1999 | Windows NT 4.0 beta allows users to read and delete shares. | |||
| CVE-1999-0391 | 0.00 | — | 0.05 | Jan 5, 1999 | The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. | |||
| CVE-1999-0578 | 0.00 | — | 0.02 | Jan 1, 1999 | A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |||
| CVE-1999-0593 | 0.00 | — | 0.02 | Jan 1, 1999 | The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | |||
| CVE-1999-0577 | 0.00 | — | 0.06 | Jan 1, 1999 | A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | |||
| CVE-1999-0665 | 0.00 | — | 0.02 | Jan 1, 1999 | An application-critical Windows NT registry key has an inappropriate value. | |||
| CVE-1999-0611 | 0.00 | — | 0.02 | Jan 1, 1999 | A system-critical Windows NT registry key has an inappropriate value. | |||
| CVE-1999-0592 | 0.00 | — | 0.02 | Jan 1, 1999 | The Logon box of a Windows NT system displays the name of the last user who logged in. | |||
| CVE-1999-0384 | 0.00 | — | 0.01 | Jan 1, 1999 | The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | |||
| CVE-1999-0549 | 0.00 | — | 0.02 | Jan 1, 1999 | Windows NT automatically logs in an administrator upon rebooting. | |||
| CVE-1999-0226 | 0.00 | — | 0.06 | Jan 1, 1999 | Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. | |||
| CVE-1999-0560 | 0.00 | — | 0.06 | Jan 1, 1999 | A system-critical Windows NT file or directory has inappropriate permissions. | |||
| CVE-1999-0579 | 0.00 | — | 0.06 | Jan 1, 1999 | A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | |||
| CVE-1999-0570 | 0.00 | — | 0.06 | Jan 1, 1999 | Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. | |||
| CVE-1999-0505 | 0.00 | — | 0.02 | Oct 1, 1998 | A Windows NT domain user or administrator account has a guessable password. |
- CVE-1999-0987Nov 18, 1999risk 0.00cvss —epss 0.05
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
- CVE-1999-0728Jul 6, 1999risk 0.00cvss —epss 0.06
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
- CVE-1999-1365Jun 28, 1999risk 0.00cvss —epss 0.02
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a…
- CVE-1999-0717May 7, 1999risk 0.00cvss —epss 0.06
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
- CVE-1999-0366Feb 8, 1999risk 0.00cvss —epss 0.04
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
- CVE-1999-0119Jan 19, 1999risk 0.00cvss —epss 0.06
Windows NT 4.0 beta allows users to read and delete shares.
- CVE-1999-0391Jan 5, 1999risk 0.00cvss —epss 0.05
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
- CVE-1999-0578Jan 1, 1999risk 0.00cvss —epss 0.02
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
- CVE-1999-0593Jan 1, 1999risk 0.00cvss —epss 0.02
The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.
- CVE-1999-0577Jan 1, 1999risk 0.00cvss —epss 0.06
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
- CVE-1999-0665Jan 1, 1999risk 0.00cvss —epss 0.02
An application-critical Windows NT registry key has an inappropriate value.
- CVE-1999-0611Jan 1, 1999risk 0.00cvss —epss 0.02
A system-critical Windows NT registry key has an inappropriate value.
- CVE-1999-0592Jan 1, 1999risk 0.00cvss —epss 0.02
The Logon box of a Windows NT system displays the name of the last user who logged in.
- CVE-1999-0384Jan 1, 1999risk 0.00cvss —epss 0.01
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
- CVE-1999-0549Jan 1, 1999risk 0.00cvss —epss 0.02
Windows NT automatically logs in an administrator upon rebooting.
- CVE-1999-0226Jan 1, 1999risk 0.00cvss —epss 0.06
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.
- CVE-1999-0560Jan 1, 1999risk 0.00cvss —epss 0.06
A system-critical Windows NT file or directory has inappropriate permissions.
- CVE-1999-0579Jan 1, 1999risk 0.00cvss —epss 0.06
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
- CVE-1999-0570Jan 1, 1999risk 0.00cvss —epss 0.06
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
- CVE-1999-0505Oct 1, 1998risk 0.00cvss —epss 0.02
A Windows NT domain user or administrator account has a guessable password.
Page 13 of 14