Filtered by vendor Microsoft
Subscriptions
Total
20243 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0469 | 1 Microsoft | 1 Internet Explorer | 2024-08-01 | N/A |
| Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client. | ||||
| CVE-1999-0448 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | ||||
| CVE-1999-0489 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. | ||||
| CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | ||||
| CVE-1999-0450 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-08-01 | N/A |
| In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | ||||
| CVE-1999-0444 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-08-01 | N/A |
| Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. | ||||
| CVE-1999-0412 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-08-01 | N/A |
| In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. | ||||
| CVE-1999-0376 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. | ||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2024-08-01 | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | ||||
| CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | ||||
| CVE-1999-0407 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | ||||
| CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2024-08-01 | N/A |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | ||||
| CVE-1999-0379 | 1 Microsoft | 1 Backoffice Resource Kit | 2024-08-01 | N/A |
| Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting. | ||||
| CVE-1999-0349 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. | ||||
| CVE-1999-0294 | 1 Microsoft | 1 Wins | 2024-08-01 | N/A |
| All records in a WINS database can be deleted through SNMP for a denial of service. | ||||
| CVE-1999-0348 | 1 Microsoft | 1 Internet Information Server | 2024-08-01 | N/A |
| IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. | ||||
| CVE-1999-0354 | 1 Microsoft | 2 Internet Explorer, Word | 2024-08-01 | N/A |
| Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. | ||||
| CVE-1999-0285 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. | ||||
| CVE-1999-0391 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2024-08-01 | N/A |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. | ||||
| CVE-1999-0281 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-08-01 | N/A |
| Denial of service in IIS using long URLs. | ||||