VYPR

Windows Nt

by Microsoft

CVEs (279)

  • CVE-1999-0224Jul 23, 1999
    risk 0.04cvss epss 0.17

    Denial of service in Windows NT messenger service through a long username.

  • CVE-1999-0140Jun 30, 1999
    risk 0.04cvss epss 0.14

    Denial of service in RAS/PPTP on NT systems.

  • CVE-1999-0755May 27, 1999
    risk 0.04cvss epss 0.16

    Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.

  • CVE-1999-0506Oct 1, 1998
    risk 0.04cvss epss 0.17

    A Windows NT domain user or administrator account has a default, null, blank, or missing password.

  • CVE-1999-0562Jan 1, 1997
    risk 0.04cvss epss 0.11

    The registry in Windows NT can be accessed remotely by users who are not administrators.

  • CVE-2008-3014Sep 11, 2008
    risk 0.03cvss epss 0.37

    Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer…

  • CVE-2008-1457Aug 13, 2008
    risk 0.03cvss epss 0.36

    The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate per-user subscriptions, which allows remote authenticated users to execute arbitrary code via a crafted event subscription…

  • CVE-2008-2246Aug 13, 2008
    risk 0.03cvss epss 0.32

    Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access…

  • CVE-2006-0034May 10, 2006
    risk 0.03cvss epss 0.31

    Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to…

  • CVE-2006-0010Jan 10, 2006
    risk 0.03cvss epss 0.32

    Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font…

  • CVE-2005-2827Dec 14, 2005
    risk 0.03cvss epss 0.03

    The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows…

  • CVE-2004-0568Jan 10, 2005
    risk 0.03cvss epss 0.35

    HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file…

  • CVE-2004-0901Jan 10, 2005
    risk 0.03cvss epss 0.31

    Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion…

  • CVE-2003-0806Jun 1, 2004
    risk 0.03cvss epss 0.33

    Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.

  • CVE-2003-0807Jun 1, 2004
    risk 0.03cvss epss 0.40

    Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.

  • CVE-2003-1407Dec 31, 2003
    risk 0.03cvss epss 0.03

    Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.

  • CVE-2003-0711Nov 17, 2003
    risk 0.03cvss epss 0.33

    Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.

  • CVE-2003-0528Sep 17, 2003
    risk 0.03cvss epss 0.38

    Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi)…

  • CVE-2003-0715Sep 17, 2003
    risk 0.03cvss epss 0.37

    Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than…

  • CVE-2003-0345Aug 18, 2003
    risk 0.03cvss epss 0.34

    Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.

Page 5 of 14