Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Nt4.0

193 matches found

CVE
CVEadded 2000/04/25 4:0 a.m.64 views

CVE-2000-0070

NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."

7.2CVSS6.9AI score0.02719EPSS
CVE
CVEadded 2001/01/22 5:0 a.m.63 views

CVE-2000-1089

Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.

10CVSS7.2AI score0.68838EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.63 views

CVE-2002-0151

Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.

7.2CVSS6.9AI score0.0281EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.63 views

CVE-2004-0899

The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vu...

5CVSS6.5AI score0.37272EPSS
CVE
CVEadded 2001/01/09 5:0 a.m.62 views

CVE-2000-1039

Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOT...

5CVSS6.8AI score0.38346EPSS
CVE
CVEadded 2004/06/01 4:0 a.m.62 views

CVE-2003-0910

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.

7.2CVSS7.8AI score0.04802EPSS
CVE
CVEadded 2004/06/01 4:0 a.m.62 views

CVE-2004-0118

The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.

7.2CVSS7.5AI score0.12668EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.62 views

CVE-2004-0568

HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Te...

10CVSS7.9AI score0.21954EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.62 views

CVE-2005-0045

The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vu...

7.5CVSS7.6AI score0.80833EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.62 views

CVE-2005-0050

The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "Lice...

10CVSS7.5AI score0.49017EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.61 views

CVE-2002-0366

Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

7.2CVSS7.6AI score0.00497EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.61 views

CVE-2002-1325

Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."

5CVSS6.4AI score0.05682EPSS
CVE
CVEadded 2007/11/20 12:46 a.m.61 views

CVE-2007-6026

Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. ...

9.3CVSS7.3AI score0.69461EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.60 views

CVE-1999-0224

Denial of service in Windows NT messenger service through a long username.

5CVSS7AI score0.28996EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.60 views

CVE-1999-0717

A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

2.6CVSS7AI score0.06606EPSS
CVE
CVEadded 2004/07/27 4:0 a.m.60 views

CVE-2003-1048

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

10CVSS7.3AI score0.5977EPSS
CVE
CVEadded 2006/05/10 2:14 a.m.60 views

CVE-2006-0034

Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or ...

7.5CVSS7.9AI score0.5197EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.59 views

CVE-1999-0366

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.

7.5CVSS7AI score0.05702EPSS
CVE
CVEadded 2000/05/16 4:0 a.m.58 views

CVE-1999-0980

Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.

5CVSS6.6AI score0.24538EPSS
CVE
CVEadded 2000/04/26 4:0 a.m.58 views

CVE-2000-0256

Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.

7.5CVSS6.5AI score0.34079EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.58 views

CVE-2002-1260

The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.

7.5CVSS6.8AI score0.04521EPSS
CVE
CVEadded 2003/11/17 5:0 a.m.57 views

CVE-2003-0813

A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a dif...

5.1CVSS6.5AI score0.89814EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.56 views

CVE-1999-0721

Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.

7.8CVSS7AI score0.19454EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.56 views

CVE-2000-0305

Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.

7.8CVSS6.7AI score0.30689EPSS
CVE
CVEadded 2001/09/18 4:0 a.m.56 views

CVE-2001-0341

Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.

7.5CVSS7.6AI score0.25173EPSS
CVE
CVEadded 2002/10/10 4:0 a.m.56 views

CVE-2002-0693

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script co...

7.5CVSS7.2AI score0.53821EPSS
CVE
CVEadded 2003/11/17 5:0 a.m.56 views

CVE-2003-0711

Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.

7.5CVSS8.1AI score0.47787EPSS
CVE
CVEadded 2005/01/06 5:0 a.m.56 views

CVE-2004-1305

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or ...

5CVSS6.5AI score0.77406EPSS
CVE
CVEadded 2002/12/23 5:0 a.m.55 views

CVE-2002-1258

Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.

5CVSS6.8AI score0.01796EPSS
CVE
CVEadded 2003/03/24 5:0 a.m.55 views

CVE-2003-0010

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based bu...

7.5CVSS7.9AI score0.18896EPSS
CVE
CVEadded 2004/11/03 5:0 a.m.55 views

CVE-2004-0207

"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs...

2.1CVSS6.5AI score0.01588EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.54 views

CVE-1999-0382

The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

7.2CVSS7AI score0.03098EPSS
CVE
CVEadded 2000/06/02 4:0 a.m.54 views

CVE-2000-0328

Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.

5CVSS7.5AI score0.2262EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.54 views

CVE-2002-0070

Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.

7.6CVSS7.7AI score0.26114EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.54 views

CVE-2002-0694

The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execut...

7.5CVSS7.5AI score0.28961EPSS
CVE
CVEadded 2003/11/17 5:0 a.m.54 views

CVE-2003-0659

Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.

7.2CVSS7.3AI score0.03659EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.54 views

CVE-2004-0893

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

7.2CVSS6.6AI score0.01018EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.53 views

CVE-2001-0663

Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.

5CVSS6.7AI score0.2305EPSS
CVE
CVEadded 2003/06/09 4:0 a.m.53 views

CVE-2003-0227

The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a c...

5CVSS7.6AI score0.48647EPSS
CVE
CVEadded 2003/11/17 5:0 a.m.53 views

CVE-2003-0660

The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.

7.5CVSS7.4AI score0.29442EPSS
CVE
CVEadded 2004/06/01 4:0 a.m.53 views

CVE-2003-0807

Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.

5CVSS6.7AI score0.38004EPSS
CVE
CVEadded 2005/06/13 4:0 a.m.53 views

CVE-2005-1935

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as de...

7.5CVSS7.9AI score0.89651EPSS
CVE
CVEadded 2000/04/11 4:0 a.m.52 views

CVE-1999-0701

After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.

7.2CVSS6.4AI score0.00779EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.52 views

CVE-1999-0726

An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.

7.8CVSS6.9AI score0.19454EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.52 views

CVE-1999-0886

The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.

9CVSS7AI score0.37951EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.52 views

CVE-1999-0909

Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.

7.5CVSS7AI score0.04231EPSS
CVE
CVEadded 2001/09/18 4:0 a.m.52 views

CVE-2001-0238

Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.

7.5CVSS7.1AI score0.05327EPSS
CVE
CVEadded 2004/06/01 4:0 a.m.52 views

CVE-2004-0123

Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.5CVSS7.9AI score0.48567EPSS
CVE
CVEadded 2004/11/03 5:0 a.m.52 views

CVE-2004-0208

The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged op...

7.2CVSS6.3AI score0.02125EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.51 views

CVE-1999-0595

A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.

2.1CVSS6.5AI score0.00751EPSS
Total number of security vulnerabilities193