Microsoft Windows NT

252 matches found

added 2003/04/02 5:00 a.m., 1033 views

CVE-2002-0367

CVE-2002-0367 affects Windows NT/2000 and involves the smss.exe debugging subsystem not properly authenticating connections to privileged processes. This allows a local attacker to gain Administrator or SYSTEM privileges by duplicating a handle to a privileged process. The vulnerability is charac...

CVSS 7.8, AI score 8.9, EPSS 0.05188
In wild

added 2004/07/14 4:00 a.m., 1023 views

CVE-2004-0210

CVE-2004-0210 describes a local privilege escalation in the Windows POSIX subsystem affecting Windows NT 4.0 and Windows 2000. The vulnerability is a buffer overflow caused by unchecked message length handling in the POSIX subsystem, enabling a local authenticated user to gain full system privile...

CVSS 7.8, AI score 7.3, EPSS 0.07606
In wild

added 2000/02/04 5:00 a.m., 734 views

CVE-1999-0519

CVE-1999-0519 describes a Windows SMB/NETBIOS issue where a share password is default, null, or missing, enabling NULL session authentication bypass. Public sources (NVD, Red Hat, SUSE, OpenVAS/Nessus entries) consistently describe an authentication bypass risk tied to SMB/NETBIOS NULL sessions. ...

CVSS 7.5, AI score 6.8, EPSS 0.05673

added 2002/03/09 5:00 a.m., 525 views

CVE-2000-1200

CVE-2000-1200 affects Windows NT where remote attackers can enumerate domain users by obtaining the domain SID with the LsaQueryInformationPolicy policy function through a null session, then using that SID to list users. Connected findings consolidate that attackers can enumerate the host/local u...

CVSS 5, AI score 6.6, EPSS 0.481

added 2000/02/04 5:00 a.m., 454 views

CVE-1999-0511

CVE-1999-0511 covers IP forwarding being enabled on a host that is not a router or firewall. Multiple connected sources confirm this condition and document remediation: disable IP forwarding (e.g., sysctl net.ipv4.ip_forward and related settings) and reboot where applicable. IBM bulletin notes a ...

CVSS 9.1, AI score 6.8, EPSS 0.06908

added 2003/07/17 4:00 a.m., 226 views

CVE-2003-0352

CVE-2003-0352 describes a buffer overflow vulnerability in the DCOM RPC interface (RPCSS) of Windows NT 4.0 SP3-6a, Windows 2000, XP, and Server 2003. The issue is a stack/heap buffer overflow triggered by a malformed DCERPC DCOM object activation request with modified length fields, allowing rem...

CVSS 7.5, AI score 7.5, EPSS 0.98626

added 2004/04/16 4:00 a.m., 223 views

CVE-2003-0533

The CVE-2003-0533 issue is a stack-based buffer overflow in LSASS (LSASRV.DLL) affecting multiple Windows platforms (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003) and related products. The underlying flaw is in the DsRolerUpgradeDownlevelServer function invoked via DCERPC, which can cause an o...

CVSS 7.5, AI score 7.8, EPSS 0.8615
Web

added 2000/02/04 5:00 a.m., 160 views

CVE-1999-0506

CVE-1999-0506 affects Windows NT domain accounts with a default, null, blank, or missing password. The included sources confirm the issue as a weak-password scenario enabling logins when no proper credentials are configured, with related references noting blank administrator passwords and weak cr...

CVSS 7.2, AI score 6.7, EPSS 0.17301

added 2003/03/26 5:00 a.m., 160 views

CVE-2002-1561

The CVE-2002-1561 issue affects the Windows RPC service stack (RPC Endpoint Mapper) on Windows 2000, NT 4.0, and XP. A malformed packet to TCP 135 can trigger a NULL pointer dereference in the RPC Endpoint Mapper, causing the RPC service to terminate and resulting in a denial of service for RPC-b...

CVSS 5, AI score 6.6, EPSS 0.42633

added 1999/09/29 4:00 a.m., 158 views

CVE-1999-0016

CVE-1999-0016 describes a land IP denial-of-service condition: a TCP packet with SYN set and identical source/destination addresses and ports can exhaust the target’s CPU. Connected records confirm the same issue reappears in later advisories (e.g., CVE-2005-0688) and is observed in Windows XP SP...

CVSS 5, AI score 6.6, EPSS 0.95739

added 2000/02/04 5:00 a.m., 154 views

CVE-1999-0505

CVE-1999-0505 affects Windows NT domain accounts where a guessable password enables local access. The NVD entry lists a LOCAL attack vector with LOW complexity, and NULL authentication, yielding complete confidentiality, integrity, and availability impact. Connected Red Hat/NVD records reiterate ...

CVSS 7.2, AI score 6.7, EPSS 0.01794

added 1999/09/29 4:00 a.m., 152 views

CVE-1999-0077

CVE-1999-0077 refers to a TCP Initial Sequence Number (ISN) weakness enabling spoofing. The connected documents corroborate ISN predictability as a risk that could allow spoofed TCP connections or session hijacking, with exploitation discussed in multiple scanners/advisories. F5’s advisory explic...

CVSS 5, AI score 6.4, EPSS 0.30873

added 2006/01/10 10:00 p.m., 137 views

CVE-2006-0010

CVE-2006-0010 describes a heap-based buffer overflow in T2EMBED.DLL on Windows platforms (Windows 98/ME, Windows 2000 SP4, Windows XP SP1/SP2, Windows Server 2003 up to SP1). The overflow is triggered while Windows decompresses Embedded Open Type (EOT) fonts referenced by web pages or email, allo...

CVSS 9.3, AI score 7.7, EPSS 0.32189

added 2006/03/03 11:00 a.m., 120 views

CVE-2006-0988

CVE-2006-0988: The default configuration of the DNS Server on Windows Server 2003/2000 and Microsoft DNS Server on Windows NT 4.0 permits recursive queries and reveals delegation information to arbitrary IPs, enabling remote attackers to cause a denial of service (traffic amplification) via spoo...

CVSS 7.8, AI score 6.8, EPSS 0.54794

added 2003/09/12 4:00 a.m., 119 views

CVE-2003-0528

Technical details for CVE-2003-0528 are not publicly provided in the supplied documents. Monitor for updates from official advisories; related CVEs (e.g., CVE-2003-0352) are discussed but do not specify 0528 specifics.

CVSS 10, AI score 7.8, EPSS 0.37799

added 2003/09/04 4:00 a.m., 119 views

CVE-2003-0661

The CVE-2003-0661 entry concerns the NetBIOS NBNS information disclosure vulnerability in Windows NT 4.0, 2000, XP, and Server 2003. The NBNS response may leak random memory contents from the target, potentially revealing sensitive data to remote attackers. Public details across connected documen...

CVSS 5, AI score 6.3, EPSS 0.22019

added 2004/10/16 4:00 a.m., 118 views

CVE-2004-0574

CVE-2004-0574 affects the NNTP component in Windows NT 4.0 Server, Windows 2000 Server, Windows Server 2003, Exchange 2000/2003, enabling remote code execution via XPAT pattern handling. The issue stems from improper length validation and unchecked buffers, leading to off-by-one and heap-based ov...

CVSS 10, AI score 7.7, EPSS 0.67822

added 2000/02/04 5:00 a.m., 117 views

CVE-1999-0499

CVE-1999-0499 describes exposure of NETBIOS share information in Windows NT by publishing it through SNMP registry keys. Connected sources (Red Hat advisory; Nessus LANMAN disclosures) confirm information disclosure via SNMP OIDs for LanMan services/shares/users, enabling an attacker to learn tar...

CVSS 7.5, AI score 6.5, EPSS 0.047

added 2000/02/04 5:00 a.m., 114 views

CVE-1999-0535

CVE-1999-0535 affects Windows NT password policy settings. The connected records consistently describe a vulnerability where the account policy for passwords allows insecure configurations (e.g., inadequate minimum length, inappropriate password age, and lack of uniqueness), leading to potential ...

CVSS 10, AI score 7.6, EPSS 0.05975

added 2004/02/11 5:00 a.m., 113 views

CVE-2003-0818

CVE-2003-0818 covers a heap-based overflow in the Microsoft ASN.1 library (MSASN1.DLL) used by Windows components (LSASS.EXE, CRYPT32.DLL) on Windows NT 4.0/2000/XP. The vulnerability affects BER decoding of ASN.1 data, with two vectors: (1) very large length fields overwriting heap data, and (2)...

CVSS 7.5, AI score 7.4, EPSS 0.84008

added 2000/02/04 5:00 a.m., 107 views

CVE-1999-0503

CVE-1999-0503 concerns a Windows NT local user or administrator account with a guessable password. Connected sources corroborate that the issue enables basic local account compromise due to weak credentials (no explicit patch/version details provided in the documents). CVSS metrics in the initial...

CVSS 7.2, AI score 6.5, EPSS 0.01835

added 2000/02/04 5:00 a.m., 107 views

CVE-1999-0590

Technical details are not publicly available in the provided documents for CVE-1999-0590; no affected products, versions, impact, or remediation are specified. Monitor for updates from the connected sources.

CVSS 10, AI score 6.9, EPSS 0.06024

added 2004/12/15 5:00 a.m., 107 views

CVE-2004-0900

CVE-2004-0900 pertains to the Windows NT 4.0 DHCP Server, where an unchecked buffer during DHCP message length validation can be exploited by a remote attacker to execute arbitrary code via a malformed DHCP message. The vulnerability is part of MS04-042 (DHCP vulnerabilities) and affects Windows ...

CVSS 10, AI score 7.5, EPSS 0.26041

added 2002/09/10 4:00 a.m., 106 views

CVE-2002-0862

CVE-2002-0862 concerns the CryptoAPI in Microsoft products (Windows 98 through XP; Office for Mac; IE for Mac; Outlook Express for Mac). The issue: the CertGetCertificateChain, CertVerifyCertificateChainPolicy, and WinVerifyTrust APIs fail to properly verify the Basic Constraints of intermediate ...

CVSS 6.8, AI score 6.3, EPSS 0.18675

added 2003/09/12 4:00 a.m., 106 views

CVE-2003-0715

CVE-2003-0715 describes a heap-based buffer overflow in the Windows RPCSS DCOM interface that can be triggered by a malformed DCERPC DCOM object activation request with modified length fields, enabling remote code execution. Affected: Windows NT 4.0 SPx, 2000, XP, and Server 2003 (DCOM RPC interf...

CVSS 10, AI score 7.7, EPSS 0.37141

added 2003/04/02 5:00 a.m., 104 views

CVE-2002-0391

CVE-2002-0391 describes an integer overflow in the xdr_array function of RPC servers using libc/glibc or SunRPC-based code (e.g., dietlibc), enabling remote code execution by passing a large number of RPC arguments. The OpenVAS/DSA entries show Debian advisories addressing this issue across multi...

CVSS 10, AI score 9.9, EPSS 0.58133

added 2000/10/13 4:00 a.m., 103 views

CVE-2000-0673

The CVE-2000-0673 issue affects NetBIOS Name Server (NBNS) where the protocol lacks authentication, allowing remote attackers to cause a denial of service by sending spoofed Name Conflict or Name Release datagrams. Documented impact is DoS on affected hosts, e.g., NetBIOS name resolution disrupti...

CVSS 5, AI score 6.7, EPSS 0.38209

added 2002/02/18 5:00 a.m., 102 views

CVE-2002-0053

Technical details about CVE-2002-0053 are not publicly available in the provided connected documents. Monitor for updates.

CVSS 7.5, AI score 7.8, EPSS 0.37913

added 2005/01/19 5:00 a.m., 96 views

CVE-2004-1049

CVE-2004-1049 affects Microsoft Windows LoadImage API (cursor/icon handling). The vulnerability arises from an integer overflow when processing certain image resources (e.g., .ani, .ico, .cur, .bmp), which can lead to heap memory corruption and remote code execution if a user opens a crafted file...

CVSS 5.1, AI score 7.7, EPSS 0.29743

added 1999/09/29 4:00 a.m., 95 views

CVE-1999-0256

CVE-1999-0256 describes a stack-based buffer overflow in War FTP Daemon (War-FTPD) 1.65 (and potentially earlier) that affects the PASS command, allowing remote code execution or denial of service. Public materials in connected sources show confirmatory details: exploits/modules (e.g., Metasploit...

CVSS 7.5, AI score 7.1, EPSS 0.7242

added 2005/04/21 4:00 a.m., 94 views

CVE-2000-1218

The CVE relates to Microsoft Windows 98, NT 4.0, 2000, and XP where the default domain name resolver configuration sets QueryIpMatching to 0. This causes the resolver to accept DNS updates from hosts it did not query, enabling DNS cache poisoning by a remote attacker. The PTSecurity entry confirm...

CVSS 9.8, AI score 7, EPSS 0.06088

added 2002/08/24 4:00 a.m., 94 views

CVE-2002-0724

CVE-2002-0724 (MS02-045) describes a remote DoS in Windows SMB where handling SMB_COM_TRANSACTION with NetShareEnum/NetServerEnum2/NetServerEnum3 can overflow the heap when Max Param/Data Count is 0. A crafted packet may crash the host (Blue Screen) and, per CERT/Core advisories, might enable fur...

CVSS 7.5, AI score 6.5, EPSS 0.30132

added 2000/02/04 5:00 a.m., 93 views

CVE-1999-0015

CVE-1999-0015 is a Teardrop IP fragmentation denial-of-service vulnerability. The connected sources describe a flaw in IP fragment reassembly that can crash or disrupt a remote server, enabling a DoS condition without authentication. The Nessus entry explicitly notes the attack payload (“teardrop...

CVSS 5, AI score 6.8, EPSS 0.35689

added 2000/02/04 5:00 a.m., 93 views

CVE-1999-0585

Technical details about CVE-1999-0585 are not publicly available in the provided connected documents. The materials only reiterate the default Administrator account name without product/version or impact specifics. Monitor for updates.

CVSS 2.1, AI score 7, EPSS 0.02482

added 2000/02/04 5:00 a.m., 92 views

CVE-1999-0504

CVE-1999-0504 describes a Windows NT local account with a default, null, blank, or missing password. Public references note exploitation paths via Windows SMB/PSEXEC‑style mechanisms and remote command execution tooling, with related Metasploit modules referencing the CVE when using an administra...

CVSS 7.5, AI score 6.2, EPSS 0.63703

added 2003/10/17 4:00 a.m., 90 views

CVE-2003-0717

CVE-2003-0717 describes a buffer overflow in the Windows Messenger Service (NT through Server 2003). The root cause is improper validation of message length before writing to the allocated buffer, enabling remote code execution with the target’s privileges. Public sources (MS03-043) identify affe...

CVSS 7.5, AI score 7.9, EPSS 0.63464

added 2004/04/16 4:00 a.m., 90 views

CVE-2003-0906

CVE-2003-0906 is a buffer overrun in Windows WMF/EMF rendering that allows remote code execution via a malformed WMF/EMF image on Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1. Exploitation occurs when rendering or displaying the crafted metafile/image; Windows 2000/XP/NT systems ...

CVSS 7.6, AI score 7.9, EPSS 0.25123

added 1999/09/29 4:00 a.m., 89 views

CVE-1999-0391

CVE-1999-0391 involves the reuse of the SMB authentication cryptographic challenge in Windows 95/Windows 98, enabling an attacker to replay the response and impersonate a user. Affected software is Windows 95 and Windows 98; the vulnerability lies in the SMB authentication verification (cryptogra...

CVSS 7.5, AI score 7.1, EPSS 0.04891

added 2004/12/31 5:00 a.m., 89 views

CVE-2004-0567

Summary: CVE-2004-0567 refers to a buffer/name validation vulnerability in Windows WINS that can allow remote code execution or denial of service via specially crafted WINS packets. Affected products/versions (as stated): Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Ser...

CVSS 7.5, AI score 7.9, EPSS 0.72286

added 2000/02/04 5:00 a.m., 88 views

CVE-1999-0119

CVE-1999-0119 affects Windows NT 4.0 beta; it enables users to read and delete network shares. The vulnerability is rated CVSSv2 10.0 (HIGH) with network access, no authentication, and complete impact on confidentiality, integrity, and availability. The provided documents do not include a remedia...

CVSS 10, AI score 6.8, EPSS 0.05975

added 2002/06/25 4:00 a.m., 88 views

CVE-2002-0018

In Windows NT/Windows 2000, a domain trust relationship can be abused when a trusting domain accepts authorization data (SIDs) from a trusted domain without verifying that the trusted domain is authoritative for all SIDs. The root cause is failure to validate all SIDs in the authorization data su...

CVSS 10, AI score 6.7, EPSS 0.1796

added 2004/04/16 4:00 a.m., 88 views

CVE-2003-0719

CVE-2003-0719 is a buffer overflow in the Microsoft SSL library’s Private Communications Transport (PCT) implementation. The vulnerability allows remote code execution via crafted PCT 1.0 handshake packets on affected Windows family systems (NT 4.0 SP6a, 2000 SP2–SP4, XP SP1, Server 2003, NetMeet...

CVSS 7.5, AI score 7.8, EPSS 0.83412

added 2004/04/16 4:00 a.m., 88 views

CVE-2003-0806

CVE-2003-0806 is a Winlogon buffer-overflow vulnerability in Windows NT 4.0 SP6a, Windows 2000 SP2–SP4, and Windows XP SP1 where a domain-joined user’s domain data is read during logon without proper bounds checking. The root cause is an unchecked size of a value used during logon that is inserte...

CVSS 7.5, AI score 7.9, EPSS 0.32936

added 2004/12/15 5:00 a.m., 88 views

CVE-2004-0901

CVE-2004-0901 (Font Conversion Vulnerability) affects WordPad’s Word for Windows 6.0 Converter (MSWRD632.WPC) used by WordPad. A crafted Word/RTF/WRI/DOC file can trigger a buffer/length-check flaw, leading to remote code execution when opened by WordPad. Public advisories (MS04-041) document tw...

CVSS 10, AI score 7.5, EPSS 0.31053

added 2000/06/02 4:00 a.m., 87 views

CVE-1999-0874

CVE-1999-0874 maps to a buffer overflow in IIS 4.0’s ISAPI processing of HTR/IDC/STM files (ISM.DLL). Public sources show a remote overflow that can cause denial of service and, in several references, the potential for remote code execution on affected Windows NT systems (MS02-018/Microsoft MS99-...

CVSS 10, AI score 6.9, EPSS 0.78099
Web

added 2004/07/14 4:00 a.m., 87 views

CVE-2004-0212

CVE-2004-0212 describes a stack-based buffer overflow in the Windows Task Scheduler (mstask) that affects Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0. The vulnerability occurs in how Task Scheduler handles long parameters in .job files, allowing a remote or local attacker to ex...

CVSS 10, AI score 7.7, EPSS 0.66952

added 2004/12/15 5:00 a.m., 87 views

CVE-2004-0571

CVE-2004-0571 describes a remote code execution vulnerability in the Word for Windows 6.0 Converter used by WordPad. A crafted Word 6.0 document could trigger an unchecked data length/buffer handling in the converter, enabling an attacker to execute arbitrary code on a vulnerable system when the ...

CVSS 10, AI score 7.6, EPSS 0.30724

added 2004/07/14 4:00 a.m., 86 views

CVE-2004-0201

The CVE-2004-0201 entry documents a heap-based buffer overflow in the HTML Help viewer hh.exe used by HTML Help (.chm) on Windows platforms (Windows 98, Me, NT 4.0, 2000, XP, and Server 2003). The vulnerability allows remote code execution via a .CHM file with a large length field, enabling an at...

CVSS 10, AI score 7.8, EPSS 0.45137

added 2005/02/14 5:00 a.m., 86 views

CVE-2005-0416

CVE-2005-0416 describes a stack-based buffer overflow in the Windows Animated Cursor (ANI) handling. The vulnerability affects Windows NT, Windows 2000 (SP4), Windows XP (SP1), and Windows 2003, where a crafted AnimationHeaderBlock length field can lead to remote code execution or memory corrupti...

CVSS 7.5, AI score 7.6, EPSS 0.45486

added 2004/09/01 4:00 a.m., 85 views

CVE-2002-1257

The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...

CVSS 10, AI score 7.4, EPSS 0.15303

Total number of security vulnerabilities: 252