Total
286 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0593 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 4.9 MEDIUM | N/A |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | |||||
| CVE-2000-0259 | 1 Microsoft | 2 Terminal Server, Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
| The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users. | |||||
| CVE-1999-1222 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup. | |||||
| CVE-2004-0208 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
| The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | |||||
| CVE-1999-1234 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. | |||||
| CVE-2000-1039 | 1 Microsoft | 5 Windows 95, Windows 98, Windows 98se and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE. | |||||
| CVE-2003-0227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. | |||||
| CVE-2000-0858 | 1 Microsoft | 2 Internet Information Server, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability. | |||||
| CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2024-02-28 | 6.4 MEDIUM | N/A |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. | |||||
| CVE-1999-1084 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
| The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. | |||||
| CVE-2003-0806 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code. | |||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | |||||
| CVE-1999-0560 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
| A system-critical Windows NT file or directory has inappropriate permissions. | |||||
| CVE-1999-0535 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
| A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. | |||||
| CVE-2003-0818 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. | |||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | |||||
| CVE-1999-0503 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
| A Windows NT local user or administrator account has a guessable password. | |||||
| CVE-2002-0725 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 4.6 MEDIUM | 5.5 MEDIUM |
| NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file. | |||||
| CVE-1999-0723 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.1 HIGH | N/A |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. | |||||
| CVE-2002-2413 | 2 Deerfield, Microsoft | 3 Website Pro, Windows 9x, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name. | |||||