Microsoft: >> Windows Nt >> 3.5.1 Security Vulnerabilities
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
CVSS Score
7.2
EPSS Score
0.031
Published
1999-03-12
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
CVSS Score
5.0
EPSS Score
0.091
Published
1999-03-08
Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-02-20
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
CVSS Score
2.1
EPSS Score
0.048
Published
1999-02-12
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
CVSS Score
7.5
EPSS Score
0.038
Published
1999-01-05
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
CVSS Score
10.0
EPSS Score
0.134
Published
1999-01-01
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-01-01
Windows NT automatically logs in an administrator upon rebooting.
CVSS Score
7.2
EPSS Score
0.004
Published
1999-01-01
A system-critical Windows NT file or directory has inappropriate permissions.
CVSS Score
10.0
EPSS Score
0.026
Published
1999-01-01
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
CVSS Score
10.0
EPSS Score
0.117
Published
1999-01-01