Microsoft: >> Windows 2000 Security Vulnerabilities
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
CVSS Score
7.8
EPSS Score
0.148
Published
1999-06-30
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
CVSS Score
7.1
EPSS Score
0.211
Published
1999-06-23
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
CVSS Score
10.0
EPSS Score
0.845
Published
1999-06-16
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
CVSS Score
5.0
EPSS Score
0.655
Published
1999-05-27
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
CVSS Score
4.6
EPSS Score
0.019
Published
1999-05-20
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
CVSS Score
4.6
EPSS Score
0.063
Published
1999-05-17
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVSS Score
2.6
EPSS Score
0.102
Published
1999-05-07
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
CVSS Score
2.1
EPSS Score
0.063
Published
1999-02-12
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
CVSS Score
7.5
EPSS Score
0.045
Published
1999-01-05
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-01-01