Microsoft: >> Windows Nt >> 3.5.1 Security Vulnerabilities
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
CVSS Score
5.0
EPSS Score
0.003
Published
2002-12-31
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.
CVSS Score
10.0
EPSS Score
0.336
Published
2002-03-08
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
CVSS Score
5.0
EPSS Score
0.102
Published
2001-12-20
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
CVSS Score
7.2
EPSS Score
0.006
Published
2001-05-03
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
CVSS Score
7.2
EPSS Score
0.014
Published
2001-03-12
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.
CVSS Score
5.0
EPSS Score
0.191
Published
2001-03-12
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
CVSS Score
5.0
EPSS Score
0.161
Published
2001-02-12
A Windows NT administrator account has the default name of Administrator.
CVSS Score
2.1
EPSS Score
0.008
Published
2000-07-01
A system does not present an appropriate legal message or warning to a user who is accessing it.
CVSS Score
10.0
EPSS Score
0.103
Published
2000-06-01
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
CVSS Score
2.1
EPSS Score
0.008
Published
2000-01-20