Windows NT
by Microsoft
CVEs (279)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0328 | | | 0.02 | — | 0.25 | | Aug 24, 1999 | Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking. |
| CVE-1999-1581 | | | 0.02 | — | 0.21 | | Dec 23, 1997 | Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded. |
| CVE-1999-1387 | | | 0.02 | — | 0.21 | | Apr 2, 1997 | Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25. |
| CVE-2006-1591 | | | 0.01 | — | 0.07 | | Apr 3, 2006 | Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. |
| CVE-2003-0825 | | | 0.01 | — | 0.12 | | Mar 3, 2004 | The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. |
| CVE-2003-0813 | | | 0.01 | — | 0.15 | | Nov 17, 2003 | A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it… |
| CVE-2003-0525 | | | 0.01 | — | 0.08 | | Aug 27, 2003 | The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM… |
| CVE-2002-1257 | | | 0.01 | — | 0.15 | | Dec 23, 2002 | Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. |
| CVE-2002-1260 | | | 0.01 | — | 0.15 | | Dec 23, 2002 | The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet. |
| CVE-2002-1325 | | | 0.01 | — | 0.14 | | Dec 23, 2002 | Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." |
| CVE-2002-1258 | | | 0.01 | — | 0.15 | | Dec 23, 2002 | Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due… |
| CVE-2002-0694 | | | 0.01 | — | 0.14 | | Oct 10, 2002 | The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote… |
| CVE-2002-0699 | | | 0.01 | — | 0.07 | | Oct 4, 2002 | Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. |
| CVE-2002-0070 | | | 0.01 | — | 0.20 | | Mar 15, 2002 | Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. |
| CVE-2002-0018 | | | 0.01 | — | 0.18 | | Mar 8, 2002 | In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the… |
| CVE-2001-0879 | | | 0.01 | — | 0.08 | | Dec 20, 2001 | Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. |
| CVE-2001-0662 | | | 0.01 | — | 0.22 | | Oct 30, 2001 | RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause a denial of service (loss of RPC services) via a malformed request. |
| CVE-2001-0543 | | | 0.01 | — | 0.21 | | Sep 20, 2001 | Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. |
| CVE-2001-0509 | | | 0.01 | — | 0.17 | | Sep 20, 2001 | Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. |
| CVE-2001-0238 | | | 0.01 | — | 0.16 | | Jul 2, 2001 | Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. |