Microsoft Windows NT

88 matches found

CVE
added 2003/04/02 5:0 a.m. | 981 views

CVE-2002-0367

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

7.8 CVSS | 8.9 AI score | 0.01396 EPSS

CVE
added 2004/08/06 4:0 a.m. | 971 views

CVE-2004-0210

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.

7.8 CVSS | 7.3 AI score | 0.0633 EPSS

CVE
added 2000/02/04 5:0 a.m. | 652 views

CVE-1999-0519

A NETBIOS/SMB share password is the default, null, or missing.

7.5 CVSS | 6.8 AI score | 0.08661 EPSS

CVE
added 2000/02/04 5:0 a.m. | 378 views

CVE-1999-0511

IP forwarding is enabled on a machine which is not a router or firewall.

7.5 CVSS | 6.8 AI score | 0.0596 EPSS

CVE
added 2003/08/18 4:0 a.m. | 204 views

CVE-2003-0352

Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.

7.5 CVSS | 7.5 AI score | 0.89814 EPSS

CVE
added 2004/06/01 4:0 a.m. | 202 views

CVE-2003-0533

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute a...

7.5 CVSS | 7.8 AI score | 0.8878 EPSS

CVE
added 2000/02/04 5:0 a.m. | 137 views

CVE-1999-0505

A Windows NT domain user or administrator account has a guessable password.

7.2 CVSS | 6.7 AI score | 0.00683 EPSS

CVE
added 2000/02/04 5:0 a.m. | 135 views

CVE-1999-0506

A Windows NT domain user or administrator account has a default, null, blank, or missing password.

7.2 CVSS | 6.7 AI score | 0.07551 EPSS

CVE
added 2006/03/03 11:2 a.m. | 104 views

CVE-2006-0988

The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of ...

7.8 CVSS | 6.8 AI score | 0.69541 EPSS

CVE
added 2004/03/03 5:0 a.m. | 94 views

CVE-2003-0818

Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause...

7.5 CVSS | 7.4 AI score | 0.89651 EPSS

CVE
added 2002/03/08 5:0 a.m. | 88 views

CVE-2002-0053

Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and ot...

7.5 CVSS | 7.8 AI score | 0.63395 EPSS

CVE
added 2000/02/04 5:0 a.m. | 79 views

CVE-1999-0499

NETBIOS share information may be published through SNMP registry keys in NT.

7.5 CVSS | 6.5 AI score | 0.04001 EPSS

CVE
added 2004/06/01 4:0 a.m. | 77 views

CVE-2003-0906

Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.

7.6 CVSS | 7.9 AI score | 0.45302 EPSS

CVE
added 2000/02/04 5:0 a.m. | 76 views

CVE-1999-0503

A Windows NT local user or administrator account has a guessable password.

7.2 CVSS | 6.5 AI score | 0.00644 EPSS

CVE
added 2000/02/04 5:0 a.m. | 76 views

CVE-1999-0504

A Windows NT local user or administrator account has a default, null, blank, or missing password.

7.5 CVSS | 6.2 AI score | 0.35999 EPSS

CVE
added 1999/09/29 4:0 a.m. | 75 views

CVE-1999-0256

Buffer overflow in War FTP allows remote execution of commands.

7.5 CVSS | 7.1 AI score | 0.83285 EPSS

CVE
added 2003/11/17 5:0 a.m. | 75 views

CVE-2003-0717

The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

7.5 CVSS | 7.9 AI score | 0.79831 EPSS

CVE
added 2002/09/24 4:0 a.m. | 74 views

CVE-2002-0724

Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buff...

7.5 CVSS | 6.5 AI score | 0.40265 EPSS

CVE
added 1999/09/29 4:0 a.m. | 73 views

CVE-1999-0391

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

7.5 CVSS | 7.1 AI score | 0.03809 EPSS

CVE
added 2003/08/18 4:0 a.m. | 72 views

CVE-2003-0345

Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.

7.5 CVSS | 8.1 AI score | 0.46218 EPSS

CVE
added 2004/06/01 4:0 a.m. | 71 views

CVE-2003-0806

Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.

7.5 CVSS | 7.9 AI score | 0.491 EPSS

CVE
added 2004/11/03 5:0 a.m. | 71 views

CVE-2004-0206

Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," poss...

7.5 CVSS | 7.5 AI score | 0.80399 EPSS

CVE
added 2000/01/04 5:0 a.m. | 70 views

CVE-1999-0918

Denial of service in various Windows systems via malformed, fragmented IGMP packets.

7.8 CVSS | 6.6 AI score | 0.34126 EPSS

CVE
added 2004/06/01 4:0 a.m. | 70 views

CVE-2003-0719

Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT ...

7.5 CVSS | 7.8 AI score | 0.70967 EPSS

CVE
added 2004/12/31 5:0 a.m. | 69 views

CVE-2004-0567

The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a de...

7.5 CVSS | 7.9 AI score | 0.55 EPSS

CVE
added 2005/04/27 4:0 a.m. | 67 views

CVE-2005-0416

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.

7.5 CVSS | 7.6 AI score | 0.47317 EPSS

CVE
added 2004/09/01 4:0 a.m. | 66 views

CVE-2003-0003

Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.

7.5 CVSS | 7.5 AI score | 0.21852 EPSS

CVE
added 2003/08/07 4:0 a.m. | 66 views

CVE-2003-0469

Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag.

7.5 CVSS | 7.8 AI score | 0.51219 EPSS

CVE
added 2000/04/25 4:0 a.m. | 64 views

CVE-2000-0070

NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."

7.2 CVSS | 6.9 AI score | 0.02719 EPSS

CVE
added 2002/06/25 4:0 a.m. | 63 views

CVE-2002-0151

Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.

7.2 CVSS | 6.9 AI score | 0.0281 EPSS

CVE
added 2004/06/01 4:0 a.m. | 62 views

CVE-2003-0910

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor that points to protected memory.

7.2 CVSS | 7.8 AI score | 0.04802 EPSS

CVE
added 2004/06/01 4:0 a.m. | 62 views

CVE-2004-0118

The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.

7.2 CVSS | 7.5 AI score | 0.12668 EPSS

CVE
added 2005/05/02 4:0 a.m. | 62 views

CVE-2005-0045

The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vu...

7.5 CVSS | 7.6 AI score | 0.80833 EPSS

CVE
added 2003/04/02 5:0 a.m. | 61 views

CVE-2002-0366

Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

7.2 CVSS | 7.6 AI score | 0.00497 EPSS

CVE
added 2006/05/10 2:14 a.m. | 60 views

CVE-2006-0034

Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or ...

7.5 CVSS | 7.9 AI score | 0.5197 EPSS

CVE
added 1999/09/29 4:0 a.m. | 59 views

CVE-1999-0366

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.

7.5 CVSS | 7 AI score | 0.05702 EPSS

CVE
added 2000/04/26 4:0 a.m. | 58 views

CVE-2000-0256

Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.

7.5 CVSS | 6.5 AI score | 0.34079 EPSS

CVE
added 2004/09/01 4:0 a.m. | 58 views

CVE-2002-1260

The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.

7.5 CVSS | 6.8 AI score | 0.04521 EPSS

CVE
added 2000/01/04 5:0 a.m. | 56 views

CVE-1999-0721

Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.

7.8 CVSS | 7 AI score | 0.19454 EPSS

CVE
added 2000/07/12 4:0 a.m. | 56 views

CVE-2000-0305

Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.

7.8 CVSS | 6.7 AI score | 0.30689 EPSS

CVE
added 2001/09/18 4:0 a.m. | 56 views

CVE-2001-0341

Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.

7.5 CVSS | 7.6 AI score | 0.25173 EPSS

CVE
added 2002/10/10 4:0 a.m. | 56 views

CVE-2002-0693

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script co...

7.5 CVSS | 7.2 AI score | 0.53821 EPSS

CVE
added 2003/11/17 5:0 a.m. | 56 views

CVE-2003-0711

Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.

7.5 CVSS | 8.1 AI score | 0.47787 EPSS

CVE
added 2003/03/24 5:0 a.m. | 55 views

CVE-2003-0010

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating systems allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based bu...

7.5 CVSS | 7.9 AI score | 0.18896 EPSS

CVE
added 1999/09/29 4:0 a.m. | 54 views

CVE-1999-0382

The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

7.2 CVSS | 7 AI score | 0.03098 EPSS

CVE
added 2002/06/25 4:0 a.m. | 54 views

CVE-2002-0070

Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.

7.6 CVSS | 7.7 AI score | 0.26114 EPSS

CVE
added 2004/09/01 4:0 a.m. | 54 views

CVE-2002-0694

The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execut...

7.5 CVSS | 7.5 AI score | 0.28961 EPSS

CVE
added 2003/11/17 5:0 a.m. | 54 views

CVE-2003-0659

Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.

7.2 CVSS | 7.3 AI score | 0.03659 EPSS

CVE
added 2005/01/10 5:0 a.m. | 54 views

CVE-2004-0893

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

7.2 CVSS | 6.6 AI score | 0.01018 EPSS

CVE
added 2003/11/17 5:0 a.m. | 53 views

CVE-2003-0660

The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.

7.5 CVSS | 7.4 AI score | 0.29442 EPSS

Total number of security vulnerabilities: 88