CVE-2007-1912 Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
CVE-2008-4609 The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state t ...
CVE-2004-1049 Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."
CVE-1999-0546 The Windows NT guest account is enabled.
CVE-1999-0700 Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
CVE-1999-0549 Windows NT automatically logs in an administrator upon rebooting.
CVE-1999-0384 The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVE-1999-0140 Denial of service in RAS/PPTP on NT systems.
CVE-1999-0715 Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
CVE-1999-0717 A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVE-1999-0716 Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
CVE-1999-0153 Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
CVE-1999-0275 Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.
CVE-1999-0249 Windows NT RSHSVC program allows remote users to execute arbitrary commands.
CVE-1999-1217 The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
CVE-1999-0535 A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
CVE-1999-0534 A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, ...
CVE-1999-0372 The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
CVE-1999-0256 Buffer overflow in War FTP allows remote execution of commands.
CVE-1999-0258 Bonk variation of teardrop IP fragmentation denial of service.
CVE-1999-0499 NETBIOS share information may be published through SNMP registry keys in NT.
CVE-1999-0504 A Windows NT local user or administrator account has a default, null, blank, or missing password.
CVE-1999-0503 A Windows NT local user or administrator account has a guessable password.
CVE-1999-0987 Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
CVE-1999-0506 A Windows NT domain user or administrator account has a default, null, blank, or missing password.
CVE-1999-0505 A Windows NT domain user or administrator account has a guessable password.
CVE-1999-0582 A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.
CVE-1999-0581 The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
CVE-1999-0755 Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
CVE-1999-0519 A NETBIOS/SMB share password is the default, null, or missing.
CVE-1999-0593 The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.
CVE-1999-0511 IP forwarding is enabled on a machine which is not a router or firewall.
CVE-1999-0874 Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
CVE-1999-0074 Listening TCP ports are sequentially allocated, allowing spoofing attacks.
CVE-1999-0721 Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
CVE-1999-0723 The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
CVE-1999-0726 An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
CVE-1999-0285 Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
CVE-1999-0560 A system-critical Windows NT file or directory has inappropriate permissions.
CVE-1999-1254 Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
CVE-1999-0562 The registry in Windows NT can be accessed remotely by users who are not administrators.
CVE-1999-0444 Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
CVE-1999-0579 A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
CVE-1999-0612 A version of finger is running that exposes valid user information to any entity on the network.
CVE-1999-0578 A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
CVE-1999-0570 Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
CVE-1999-0572 .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.
CVE-1999-0575 A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.
CVE-1999-0577 A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
CVE-1999-0576 A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.
CVE-2001-0003 Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnera ...
CVE-1999-1359 When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
CVE-1999-1358 When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy fi ...
CVE-1999-1365 Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program i ...
CVE-2002-0018 In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by inje ...
CVE-2001-0879 Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
CVE-2001-0281 Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.