Total
286 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1325 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | |||||
CVE-2002-1258 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | |||||
CVE-1999-0909 | 1 Microsoft | 4 Terminal Server, Windows 95, Windows 98se and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. | |||||
CVE-2003-0813 | 1 Microsoft | 5 Windows 2000, Windows 98, Windows Nt and 2 more | 2024-02-28 | 5.1 MEDIUM | N/A |
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities. | |||||
CVE-2000-1227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. | |||||
CVE-2001-0046 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | |||||
CVE-1999-0224 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Windows NT messenger service through a long username. | |||||
CVE-1999-0278 | 1 Microsoft | 2 Internet Information Server, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | |||||
CVE-1999-1387 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25. | |||||
CVE-2000-0232 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. | |||||
CVE-2000-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability. | |||||
CVE-1999-0995 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.8 HIGH | N/A |
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request." | |||||
CVE-1999-0226 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. | |||||
CVE-2003-0525 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method. | |||||
CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | |||||
CVE-1999-0227 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. | |||||
CVE-1999-1132 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. | |||||
CVE-2000-0404 | 1 Microsoft | 5 Terminal Server, Windows 2000, Windows 95 and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | |||||
CVE-1999-0980 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request. | |||||
CVE-1999-1579 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on the target machine. |