Microsoft: >> Windows Nt >> 3.0.1 Security Vulnerabilities
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
CVSS Score
2.1
EPSS Score
0.002
Published
1999-12-31
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.
CVSS Score
7.5
EPSS Score
0.07
Published
1999-12-31
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
CVSS Score
10.0
EPSS Score
0.055
Published
1999-11-18
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
CVSS Score
6.2
EPSS Score
0.028
Published
1999-07-29
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
CVSS Score
7.8
EPSS Score
0.195
Published
1999-07-20
Denial of service in RAS/PPTP on NT systems.
CVSS Score
5.0
EPSS Score
0.077
Published
1999-06-30
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
CVSS Score
7.8
EPSS Score
0.195
Published
1999-06-30
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
CVSS Score
7.2
EPSS Score
0.015
Published
1999-06-28
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
CVSS Score
7.1
EPSS Score
0.188
Published
1999-06-23
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
CVSS Score
10.0
EPSS Score
0.851
Published
1999-06-16