VYPR

Windows Nt

by Microsoft

CVEs (279)

  • CVE-2006-0005Feb 14, 2006
    risk 0.06cvss epss 0.44

    Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element…

  • CVE-2005-1184May 2, 2005
    risk 0.06cvss epss 0.37

    The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some…

  • CVE-2005-0416Apr 27, 2005
    risk 0.06cvss epss 0.45

    The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.

  • CVE-2004-0899Jan 10, 2005
    risk 0.06cvss epss 0.73

    The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP…

  • CVE-2003-0659Nov 17, 2003
    risk 0.06cvss epss 0.34

    Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.

  • CVE-2003-0227Jun 9, 2003
    risk 0.06cvss epss 0.39

    The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute…

  • CVE-2002-1561Apr 2, 2003
    risk 0.06cvss epss 0.43

    The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.

  • CVE-2003-0003Feb 7, 2003
    risk 0.06cvss epss 0.45

    Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.

  • CVE-2002-0693Oct 10, 2002
    risk 0.06cvss epss 0.52

    Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink…

  • CVE-2000-0673Jul 27, 2000
    risk 0.06cvss epss 0.38

    The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.

  • CVE-2000-0305May 19, 2000
    risk 0.06cvss epss 0.44

    Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.

  • CVE-1999-0015Dec 16, 1997
    risk 0.06cvss epss 0.36

    Teardrop IP denial of service.

  • CVE-2007-6026Nov 20, 2007
    risk 0.05cvss epss 0.28

    Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a…

  • CVE-2004-1306Dec 31, 2004
    risk 0.05cvss epss 0.35

    Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.

  • CVE-2003-0910Jun 1, 2004
    risk 0.05cvss epss 0.28

    The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points…

  • CVE-2002-1712Dec 31, 2002
    risk 0.05cvss epss 0.29

    Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.

  • CVE-2002-1183Dec 11, 2002
    risk 0.05cvss epss 0.19

    Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).

  • CVE-2002-0724Sep 24, 2002
    risk 0.05cvss epss 0.30

    Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3,…

  • CVE-2001-0663Dec 6, 2001
    risk 0.05cvss epss 0.37

    Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.

  • CVE-2001-0540Oct 30, 2001
    risk 0.05cvss epss 0.71

    Memory leak in Terminal servers in Windows NT and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed Remote Desktop Protocol (RDP) requests to port 3389.

Page 3 of 14