| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| IP forwarding is enabled on a machine which is not a router or firewall. |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. |
| Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. |
| A Windows NT domain user or administrator account has a default, null, blank, or missing password. |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. |
| A Windows NT domain user or administrator account has a guessable password. |
| Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. |
| A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. |
| A Windows NT local user or administrator account has a default, null, blank, or missing password. |
| The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users. |
| Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability. |
| Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. |
| Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. |
| The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. |
| Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability. |
| After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. |
