Microsoft: >> Windows Nt >> 4.0 Security Vulnerabilities
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
CVSS Score
10.0
EPSS Score
0.851
Published
1999-06-16
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
CVSS Score
5.0
EPSS Score
0.481
Published
1999-05-27
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
CVSS Score
4.6
EPSS Score
0.011
Published
1999-05-20
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
CVSS Score
10.0
EPSS Score
0.171
Published
1999-05-17
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
CVSS Score
4.6
EPSS Score
0.013
Published
1999-05-17
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVSS Score
2.6
EPSS Score
0.066
Published
1999-05-07
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
CVSS Score
5.0
EPSS Score
0.073
Published
1999-04-12
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
CVSS Score
7.2
EPSS Score
0.031
Published
1999-03-12
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
CVSS Score
5.0
EPSS Score
0.091
Published
1999-03-08
Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-02-20