Vendor CVEs
Microsoft
All CVEs
14,175 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-1087 | 0.00 | — | 0.03 | Jan 9, 2001 | The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to… | |||
| CVE-2000-1084 | 0.00 | — | 0.03 | Jan 9, 2001 | The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a… | |||
| CVE-2000-1086 | 0.00 | — | 0.03 | Jan 9, 2001 | The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to… | |||
| CVE-2000-0933 | 0.00 | — | 0.02 | Dec 19, 2000 | The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability. | |||
| CVE-2000-1217 | 0.00 | — | 0.02 | Nov 21, 2000 | Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login… | |||
| CVE-2000-0756 | 0.00 | — | 0.05 | Oct 20, 2000 | Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service. | |||
| CVE-2000-0767 | 0.00 | — | 0.04 | Oct 20, 2000 | The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability. | |||
| CVE-2000-0753 | 0.00 | — | 0.05 | Oct 20, 2000 | The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files. | |||
| CVE-2000-0777 | 0.00 | — | 0.01 | Oct 20, 2000 | The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability. | |||
| CVE-2000-0790 | 0.00 | — | 0.02 | Oct 20, 2000 | The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option… | |||
| CVE-2000-0563 | 0.00 | — | 0.03 | Oct 20, 2000 | The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model. | |||
| CVE-2000-0771 | 0.00 | — | 0.02 | Oct 20, 2000 | Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. | |||
| CVE-2000-0765 | 0.00 | — | 0.04 | Oct 20, 2000 | Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability. | |||
| CVE-2000-0637 | 0.00 | — | 0.02 | Jul 26, 2000 | Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability. | |||
| CVE-2000-0663 | 0.00 | — | 0.02 | Jul 25, 2000 | The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative… | |||
| CVE-2000-0654 | 0.00 | — | 0.01 | Jul 11, 2000 | Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability. | |||
| CVE-2000-0603 | 0.00 | — | 0.02 | Jul 7, 2000 | Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referencing them via a temporary stored procedure, aka the "Stored Procedure Permissions" vulnerability. | |||
| CVE-1999-0585 | 0.00 | — | 0.02 | Jul 1, 2000 | A Windows NT administrator account has the default name of Administrator. | |||
| CVE-2000-0475 | 0.00 | — | 0.02 | Jun 15, 2000 | Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability. | |||
| CVE-2000-0519 | 0.00 | — | 0.05 | Jun 5, 2000 | Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. | |||
| CVE-2000-0518 | 0.00 | — | 0.05 | Jun 5, 2000 | Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. | |||
| CVE-1999-0590 | 0.00 | — | 0.06 | Jun 1, 2000 | A system does not present an appropriate legal message or warning to a user who is accessing it. | |||
| CVE-2000-0487 | 0.00 | — | 0.02 | Jun 1, 2000 | The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability. | |||
| CVE-2000-0485 | 0.00 | — | 0.02 | May 30, 2000 | Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability. | |||
| CVE-2000-0415 | 0.00 | — | 0.06 | May 12, 2000 | Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name. | |||
| CVE-2000-0416 | 0.00 | — | 0.06 | May 11, 2000 | NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | |||
| CVE-2000-0420 | 0.00 | — | 0.01 | May 11, 2000 | The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data. | |||
| CVE-2000-0311 | 0.00 | — | 0.01 | Apr 20, 2000 | The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability. | |||
| CVE-2000-0259 | 0.00 | — | 0.01 | Apr 12, 2000 | The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users. | |||
| CVE-1999-0701 | 0.00 | — | 0.02 | Apr 11, 2000 | After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. | |||
| CVE-2000-0298 | 0.00 | — | 0.02 | Apr 7, 2000 | The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories. | |||
| CVE-2000-0277 | 0.00 | — | 0.02 | Apr 3, 2000 | Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability. | |||
| CVE-2000-0199 | 0.00 | — | 0.01 | Mar 14, 2000 | When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||
| CVE-2000-0216 | 0.00 | — | 0.05 | Feb 29, 2000 | Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution… | |||
| CVE-2000-0197 | 0.00 | — | 0.02 | Feb 14, 2000 | The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | |||
| CVE-2000-0089 | 0.00 | — | 0.02 | Feb 4, 2000 | The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability. | |||
| CVE-1999-0595 | 0.00 | — | 0.02 | Jan 20, 2000 | A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | |||
| CVE-2000-0088 | 0.00 | — | 0.02 | Jan 20, 2000 | Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability. | |||
| CVE-2000-0070 | 0.00 | — | 0.02 | Jan 12, 2000 | NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request." | |||
| CVE-1999-0876 | 0.00 | — | 0.06 | Jan 4, 2000 | Buffer overflow in Internet Explorer 4.0 via EMBED tag. | |||
| CVE-1999-1104 | 0.00 | — | 0.01 | Dec 31, 1999 | Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. | |||
| CVE-1999-1316 | 0.00 | — | 0.04 | Dec 31, 1999 | Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess. | |||
| CVE-1999-1360 | 0.00 | — | 0.01 | Dec 31, 1999 | Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. | |||
| CVE-1999-1364 | 0.00 | — | 0.01 | Dec 31, 1999 | Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | |||
| CVE-1999-1362 | 0.00 | — | 0.01 | Dec 31, 1999 | Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. | |||
| CVE-1999-1358 | 0.00 | — | 0.01 | Dec 31, 1999 | When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by… | |||
| CVE-1999-1222 | 0.00 | — | 0.05 | Dec 31, 1999 | Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup. | |||
| CVE-1999-1279 | 0.00 | — | 0.06 | Dec 31, 1999 | An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU. | |||
| CVE-1999-1452 | 0.00 | — | 0.06 | Dec 31, 1999 | GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | |||
| CVE-1999-1359 | 0.00 | — | 0.04 | Dec 31, 1999 | When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. |
- CVE-2000-1087Jan 9, 2001risk 0.00cvss —epss 0.03
The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to…
- CVE-2000-1084Jan 9, 2001risk 0.00cvss —epss 0.03
The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a…
- CVE-2000-1086Jan 9, 2001risk 0.00cvss —epss 0.03
The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to…
- CVE-2000-0933Dec 19, 2000risk 0.00cvss —epss 0.02
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
- CVE-2000-1217Nov 21, 2000risk 0.00cvss —epss 0.02
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login…
- CVE-2000-0756Oct 20, 2000risk 0.00cvss —epss 0.05
Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service.
- CVE-2000-0767Oct 20, 2000risk 0.00cvss —epss 0.04
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
- CVE-2000-0753Oct 20, 2000risk 0.00cvss —epss 0.05
The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files.
- CVE-2000-0777Oct 20, 2000risk 0.00cvss —epss 0.01
The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.
- CVE-2000-0790Oct 20, 2000risk 0.00cvss —epss 0.02
The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option…
- CVE-2000-0563Oct 20, 2000risk 0.00cvss —epss 0.03
The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.
- CVE-2000-0771Oct 20, 2000risk 0.00cvss —epss 0.02
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
- CVE-2000-0765Oct 20, 2000risk 0.00cvss —epss 0.04
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.
- CVE-2000-0637Jul 26, 2000risk 0.00cvss —epss 0.02
Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability.
- CVE-2000-0663Jul 25, 2000risk 0.00cvss —epss 0.02
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative…
- CVE-2000-0654Jul 11, 2000risk 0.00cvss —epss 0.01
Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability.
- CVE-2000-0603Jul 7, 2000risk 0.00cvss —epss 0.02
Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referencing them via a temporary stored procedure, aka the "Stored Procedure Permissions" vulnerability.
- CVE-1999-0585Jul 1, 2000risk 0.00cvss —epss 0.02
A Windows NT administrator account has the default name of Administrator.
- CVE-2000-0475Jun 15, 2000risk 0.00cvss —epss 0.02
Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.
- CVE-2000-0519Jun 5, 2000risk 0.00cvss —epss 0.05
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
- CVE-2000-0518Jun 5, 2000risk 0.00cvss —epss 0.05
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.
- CVE-1999-0590Jun 1, 2000risk 0.00cvss —epss 0.06
A system does not present an appropriate legal message or warning to a user who is accessing it.
- CVE-2000-0487Jun 1, 2000risk 0.00cvss —epss 0.02
The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.
- CVE-2000-0485May 30, 2000risk 0.00cvss —epss 0.02
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
- CVE-2000-0415May 12, 2000risk 0.00cvss —epss 0.06
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
- CVE-2000-0416May 11, 2000risk 0.00cvss —epss 0.06
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.
- CVE-2000-0420May 11, 2000risk 0.00cvss —epss 0.01
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
- CVE-2000-0311Apr 20, 2000risk 0.00cvss —epss 0.01
The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.
- CVE-2000-0259Apr 12, 2000risk 0.00cvss —epss 0.01
The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users.
- CVE-1999-0701Apr 11, 2000risk 0.00cvss —epss 0.02
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
- CVE-2000-0298Apr 7, 2000risk 0.00cvss —epss 0.02
The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.
- CVE-2000-0277Apr 3, 2000risk 0.00cvss —epss 0.02
Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability.
- CVE-2000-0199Mar 14, 2000risk 0.00cvss —epss 0.01
When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password.
- CVE-2000-0216Feb 29, 2000risk 0.00cvss —epss 0.05
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution…
- CVE-2000-0197Feb 14, 2000risk 0.00cvss —epss 0.02
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.
- CVE-2000-0089Feb 4, 2000risk 0.00cvss —epss 0.02
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.
- CVE-1999-0595Jan 20, 2000risk 0.00cvss —epss 0.02
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
- CVE-2000-0088Jan 20, 2000risk 0.00cvss —epss 0.02
Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.
- CVE-2000-0070Jan 12, 2000risk 0.00cvss —epss 0.02
NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."
- CVE-1999-0876Jan 4, 2000risk 0.00cvss —epss 0.06
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
- CVE-1999-1104Dec 31, 1999risk 0.00cvss —epss 0.01
Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.
- CVE-1999-1316Dec 31, 1999risk 0.00cvss —epss 0.04
Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess.
- CVE-1999-1360Dec 31, 1999risk 0.00cvss —epss 0.01
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
- CVE-1999-1364Dec 31, 1999risk 0.00cvss —epss 0.01
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
- CVE-1999-1362Dec 31, 1999risk 0.00cvss —epss 0.01
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
- CVE-1999-1358Dec 31, 1999risk 0.00cvss —epss 0.01
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by…
- CVE-1999-1222Dec 31, 1999risk 0.00cvss —epss 0.05
Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.
- CVE-1999-1279Dec 31, 1999risk 0.00cvss —epss 0.06
An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU.
- CVE-1999-1452Dec 31, 1999risk 0.00cvss —epss 0.06
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
- CVE-1999-1359Dec 31, 1999risk 0.00cvss —epss 0.04
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
Page 282 of 284