| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. |
| By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. |
| Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. |
| Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon. |
| The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files. |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution." |
| Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. |
| Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME. |
| Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. |
| Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. |
| Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. |
| Buffer overflow in NetMeeting allows denial of service and remote command execution. |
| All records in a WINS database can be deleted through SNMP for a denial of service. |
| The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. |
| IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. |
