VYPR

Windows Nt

by Microsoft

CVEs (279)

  • CVE-2002-0053Mar 8, 2002
    risk 0.03cvss epss 0.38

    Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other…

  • CVE-2001-1122Aug 3, 2001
    risk 0.03cvss epss 0.04

    Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.

  • CVE-2000-0232Mar 30, 2000
    risk 0.03cvss epss 0.04

    Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request.

  • CVE-2000-0155Feb 18, 2000
    risk 0.03cvss epss 0.04

    Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive.

  • CVE-2000-0129Feb 4, 2000
    risk 0.03cvss epss 0.04

    Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.

  • CVE-2000-0121Feb 1, 2000
    risk 0.03cvss epss 0.05

    The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.

  • CVE-1999-1084Dec 31, 1999
    risk 0.03cvss epss 0.04

    The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.

  • CVE-1999-0975Dec 10, 1999
    risk 0.03cvss epss 0.03

    The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.

  • CVE-1999-0899Nov 4, 1999
    risk 0.03cvss epss 0.03

    The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.

  • CVE-1999-0700Jul 29, 1999
    risk 0.03cvss epss 0.05

    Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.

  • CVE-1999-0715May 20, 1999
    risk 0.03cvss epss 0.06

    Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.

  • CVE-1999-0716May 17, 1999
    risk 0.03cvss epss 0.06

    Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.

  • CVE-1999-0382Mar 12, 1999
    risk 0.03cvss epss 0.03

    The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

  • CVE-1999-0376Feb 20, 1999
    risk 0.03cvss epss 0.02

    Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

  • CVE-1999-0372Feb 12, 1999
    risk 0.03cvss epss 0.05

    The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.

  • CVE-2008-3012Sep 11, 2008
    risk 0.02cvss epss 0.31

    gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital…

  • CVE-2008-1456Aug 13, 2008
    risk 0.02cvss epss 0.28

    Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access…

  • CVE-2008-1435Jul 8, 2008
    risk 0.02cvss epss 0.29

    Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."

  • CVE-2008-1445Jun 12, 2008
    risk 0.02cvss epss 0.27

    Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request.

  • CVE-2008-1086Apr 8, 2008
    risk 0.02cvss epss 0.31

    The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory…

Page 6 of 14