Filtered by vendor Microsoft
Subscriptions
Total
20231 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0560 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| A system-critical Windows NT file or directory has inappropriate permissions. | ||||
| CVE-1999-0519 | 1 Microsoft | 4 Outlook, Windows 2000, Windows 95 and 1 more | 2024-08-01 | N/A |
| A NETBIOS/SMB share password is the default, null, or missing. | ||||
| CVE-1999-0505 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-08-01 | N/A |
| A Windows NT domain user or administrator account has a guessable password. | ||||
| CVE-1999-0468 | 1 Microsoft | 1 Internet Explorer | 2024-08-01 | N/A |
| Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. | ||||
| CVE-1999-0490 | 1 Microsoft | 1 Internet Explorer | 2024-08-01 | N/A |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag. | ||||
| CVE-1999-0496 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. | ||||
| CVE-1999-0503 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-08-01 | N/A |
| A Windows NT local user or administrator account has a guessable password. | ||||
| CVE-1999-0518 | 1 Microsoft | 1 Windows 95 | 2024-08-01 | N/A |
| A NETBIOS/SMB share password is guessable. | ||||
| CVE-1999-0469 | 1 Microsoft | 1 Internet Explorer | 2024-08-01 | N/A |
| Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client. | ||||
| CVE-1999-0448 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | ||||
| CVE-1999-0489 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. | ||||
| CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | ||||
| CVE-1999-0450 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-08-01 | N/A |
| In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | ||||
| CVE-1999-0444 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-08-01 | N/A |
| Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. | ||||
| CVE-1999-0412 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-08-01 | N/A |
| In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. | ||||
| CVE-1999-0376 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. | ||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2024-08-01 | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | ||||
| CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | ||||
| CVE-1999-0407 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | ||||
| CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2024-08-01 | N/A |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | ||||