| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. |
| Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. |
| Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. |
| Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled. |
| The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. |
| Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location. |
| Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe. |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. |
| The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. |
| IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions. |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. |
| Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. |
| Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. |
| Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. |
| IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. |
| Windows NT RSHSVC program allows remote users to execute arbitrary commands. |
| Bonk variation of teardrop IP fragmentation denial of service. |
