CVE-2006-0010

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overf...

CVE-1999-0590

A system does not present an appropriate legal message or warning to a user who is accessing it.

CVE-1999-0015

Teardrop IP denial of service.

CVE-1999-0391

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

CVE-1999-0585

A Windows NT administrator account has the default name of Administrator.

CVE-1999-0382

The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

CVE-1999-0595

A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.

CVE-1999-0179

Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.

CVE-1999-0376

Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

CVE-1999-0344

NT users can gain debug-level access on a system process using the Sechole exploit.

CVE-1999-1363

Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.

CVE-1999-1361

Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.