Windows Nt
by Microsoft
CVEs (279)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0341 | 0.05 | — | 0.45 | Jul 21, 2001 | Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll. | |||
| CVE-2000-0377 | 0.05 | — | 0.19 | Jun 8, 2000 | The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability. | |||
| CVE-1999-0980 | 0.05 | — | 0.23 | May 16, 2000 | Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request. | |||
| CVE-2000-0073 | 0.05 | — | 0.24 | Nov 17, 1999 | Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. | |||
| CVE-1999-0886 | 0.05 | — | 0.22 | Sep 17, 1999 | The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. | |||
| CVE-1999-0918 | 0.05 | — | 0.30 | Jul 3, 1999 | Denial of service in various Windows systems via malformed, fragmented IGMP packets. | |||
| CVE-1999-0288 | 0.05 | — | 0.21 | Aug 1, 1998 | The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | |||
| CVE-1999-0153 | 0.05 | — | 0.23 | Jul 1, 1997 | Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | |||
| CVE-1999-0612 | 0.05 | — | 0.68 | Mar 1, 1997 | A version of finger is running that exposes valid user information to any entity on the network. | |||
| CVE-1999-0077 | 0.05 | — | 0.31 | Jan 1, 1995 | Predictable TCP sequence numbers allow spoofing. | |||
| CVE-2007-1912 | 0.04 | — | 0.14 | Apr 10, 2007 | Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file. | |||
| CVE-2005-4717 | 0.04 | — | 0.19 | Dec 31, 2005 | Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that… | |||
| CVE-2005-0050 | 0.04 | — | 0.47 | May 2, 2005 | The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary… | |||
| CVE-2004-0201 | 0.04 | — | 0.45 | Aug 6, 2004 | Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | |||
| CVE-2002-2073 | 0.04 | — | 0.13 | Dec 31, 2002 | Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp. | |||
| CVE-2002-0862 | 0.04 | — | 0.19 | Oct 4, 2002 | The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly… | |||
| CVE-2000-1200 | 0.04 | — | 0.48 | Aug 31, 2001 | Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | |||
| CVE-2000-1039 | 0.04 | — | 0.46 | Jan 9, 2001 | Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of… | |||
| CVE-2000-0256 | 0.04 | — | 0.12 | Apr 19, 2000 | Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability. | |||
| CVE-1999-0819 | 0.04 | — | 0.16 | Dec 1, 1999 | NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. |
- CVE-2001-0341Jul 21, 2001risk 0.05cvss —epss 0.45
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
- CVE-2000-0377Jun 8, 2000risk 0.05cvss —epss 0.19
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
- CVE-1999-0980May 16, 2000risk 0.05cvss —epss 0.23
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.
- CVE-2000-0073Nov 17, 1999risk 0.05cvss —epss 0.24
Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.
- CVE-1999-0886Sep 17, 1999risk 0.05cvss —epss 0.22
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.
- CVE-1999-0918Jul 3, 1999risk 0.05cvss —epss 0.30
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
- CVE-1999-0288Aug 1, 1998risk 0.05cvss —epss 0.21
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.
- CVE-1999-0153Jul 1, 1997risk 0.05cvss —epss 0.23
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
- CVE-1999-0612Mar 1, 1997risk 0.05cvss —epss 0.68
A version of finger is running that exposes valid user information to any entity on the network.
- CVE-1999-0077Jan 1, 1995risk 0.05cvss —epss 0.31
Predictable TCP sequence numbers allow spoofing.
- CVE-2007-1912Apr 10, 2007risk 0.04cvss —epss 0.14
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
- CVE-2005-4717Dec 31, 2005risk 0.04cvss —epss 0.19
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that…
- CVE-2005-0050May 2, 2005risk 0.04cvss —epss 0.47
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary…
- CVE-2004-0201Aug 6, 2004risk 0.04cvss —epss 0.45
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.
- CVE-2002-2073Dec 31, 2002risk 0.04cvss —epss 0.13
Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
- CVE-2002-0862Oct 4, 2002risk 0.04cvss —epss 0.19
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly…
- CVE-2000-1200Aug 31, 2001risk 0.04cvss —epss 0.48
Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.
- CVE-2000-1039Jan 9, 2001risk 0.04cvss —epss 0.46
Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of…
- CVE-2000-0256Apr 19, 2000risk 0.04cvss —epss 0.12
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
- CVE-1999-0819Dec 1, 1999risk 0.04cvss —epss 0.16
NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.
Page 4 of 14