VYPR

Windows Nt

by Microsoft

CVEs (279)

  • CVE-2004-0206Nov 3, 2004
    risk 0.09cvss epss 0.77

    Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an…

  • CVE-2003-0719Jun 1, 2004
    risk 0.09cvss epss 0.83

    Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute…

  • CVE-2000-1089Jan 9, 2001
    risk 0.09cvss epss 0.77

    Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.

  • CVE-1999-0874Jun 16, 1999
    risk 0.09cvss epss 0.78

    Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.

  • CVE-1999-0256Feb 1, 1998
    risk 0.09cvss epss 0.72

    Buffer overflow in War FTP allows remote execution of commands.

  • CVE-2008-1087Apr 8, 2008
    risk 0.08cvss epss 0.57

    Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability."

  • CVE-2004-0567Dec 31, 2004
    risk 0.08cvss epss 0.72

    The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute…

  • CVE-2004-1305Dec 23, 2004
    risk 0.08cvss epss 0.62

    The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to…

  • CVE-2004-0574Nov 3, 2004
    risk 0.08cvss epss 0.68

    The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper…

  • CVE-2004-0212Aug 6, 2004
    risk 0.08cvss epss 0.67

    Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a…

  • CVE-2003-0717Nov 17, 2003
    risk 0.08cvss epss 0.63

    The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

  • CVE-1999-0278Jun 1, 1998
    risk 0.08cvss epss 0.65

    In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.

  • CVE-1999-0504Jan 1, 1997
    risk 0.08cvss epss 0.64

    A Windows NT local user or administrator account has a default, null, blank, or missing password.

  • CVE-2008-3008Sep 11, 2008
    risk 0.07cvss epss 0.55

    Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun…

  • CVE-2007-5348Sep 11, 2008
    risk 0.07cvss epss 0.53

    Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8,…

  • CVE-2006-2379Jun 13, 2006
    risk 0.07cvss epss 0.58

    Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.

  • CVE-2006-0988Mar 3, 2006
    risk 0.07cvss epss 0.55

    The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers…

  • CVE-2003-0469Aug 7, 2003
    risk 0.07cvss epss 0.50

    Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align"…

  • CVE-2008-5232Nov 26, 2008
    risk 0.06cvss epss 0.36

    Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary…

  • CVE-2008-1436Apr 21, 2008
    risk 0.06cvss epss 0.37

    Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource…

Page 2 of 14