Filtered by vendor Microsoft
Subscriptions
Total
20250 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | ||||
| CVE-1999-1361 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages. | ||||
| CVE-1999-1375 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. | ||||
| CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2024-08-01 | N/A |
| Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | ||||
| CVE-1999-1359 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. | ||||
| CVE-1999-1360 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. | ||||
| CVE-1999-1387 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25. | ||||
| CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-08-01 | N/A |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | ||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | ||||
| CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | ||||
| CVE-1999-1376 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands. | ||||
| CVE-1999-1291 | 1 Microsoft | 2 Windows 95, Windows Nt | 2024-08-01 | N/A |
| TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | ||||
| CVE-1999-1294 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission. | ||||
| CVE-1999-1322 | 2 Broadcom, Microsoft | 3 Arcserve Backup, Inoculan, Exchange Server | 2024-08-01 | N/A |
| The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | ||||
| CVE-1999-1316 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess. | ||||
| CVE-1999-1259 | 1 Microsoft | 1 Office | 2024-08-01 | N/A |
| Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information. | ||||
| CVE-1999-1279 | 1 Microsoft | 1 Sna Server | 2024-08-01 | N/A |
| An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU. | ||||
| CVE-1999-1254 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-08-01 | N/A |
| Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. | ||||
| CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2024-08-01 | N/A |
| Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | ||||
| CVE-1999-1201 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-08-01 | N/A |
| Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. | ||||