CVEdetails.com the ultimate security vulnerability data source

Microsoft » Windows NT » * * * * : Security Vulnerabilities

CPE Name: cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2008-4609 16 DoS 2008-10-20 2021-07-07
7.1
None Remote Medium Not required None None Complete
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
2 CVE-2007-1912 Overflow 2007-04-10 2017-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
3 CVE-2004-1049 Exec Code Overflow 2004-12-31 2018-10-12
5.1
None Remote High Not required Partial Partial Partial
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."
4 CVE-2003-1357 16 2003-12-31 2017-07-29
10.0
None Remote Low Not required Complete Complete Complete
ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access.
5 CVE-2002-0018 +Priv 2002-03-08 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from the trusted domain.
6 CVE-2001-0879 DoS 2001-12-20 2019-04-30
5.0
None Remote Low Not required None None Partial
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
7 CVE-2001-0281 +Priv 2001-05-03 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
8 CVE-2001-0017 DoS 2001-03-12 2018-10-12
5.0
None Remote Low Not required None None Partial
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.
9 CVE-2001-0016 2001-03-12 2018-10-12
7.2
None Local Low Not required Complete Complete Complete
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
10 CVE-2001-0003 2001-02-12 2018-10-12
5.0
None Remote Low Not required Partial None None
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
11 CVE-1999-1455 1999-12-31 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.
12 CVE-1999-1365 +Priv Bypass 1999-06-28 2017-10-26
7.2
None Local Low Not required Complete Complete Complete
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
13 CVE-1999-1362 DoS 1999-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
14 CVE-1999-1359 Bypass 1999-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
15 CVE-1999-1358 Bypass 1999-12-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
16 CVE-1999-1254 DoS 1999-03-08 2017-12-19
5.0
None Remote Low Not required None None Partial
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
17 CVE-1999-1217 +Priv 1997-07-25 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
18 CVE-1999-1157 DoS 1999-12-31 2017-10-10
5.0
None Remote Low Not required None None Partial
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.
19 CVE-1999-0987 287 1999-11-18 2018-08-13
10.0
None Remote Low Not required Complete Complete Complete
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
20 CVE-1999-0874 119 DoS Overflow 1999-06-16 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
21 CVE-1999-0755 255 1999-05-27 2018-10-12
5.0
None Remote Low Not required Partial None None
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
22 CVE-1999-0726 20 DoS 1999-06-30 2018-10-12
7.8
None Remote Low Not required None None Complete
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
23 CVE-1999-0723 DoS 1999-06-23 2018-10-12
7.1
None Remote Medium Not required None None Complete
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
24 CVE-1999-0721 20 DoS 1999-07-20 2018-10-12
7.8
None Remote Low Not required None None Complete
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
25 CVE-1999-0717 1999-05-07 2018-10-12
2.6
None Remote High Not required None Partial None
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
26 CVE-1999-0716 Overflow 1999-05-17 2018-10-12
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
27 CVE-1999-0715 DoS Exec Code Overflow 1999-05-20 2018-10-12
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
28 CVE-1999-0700 119 Overflow 1999-07-29 2018-10-12
6.2
None Local High Not required Complete Complete Complete
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
29 CVE-1999-0612 1997-03-01 2008-09-09
0.0
None Remote Low Not required None None None
A version of finger is running that exposes valid user information to any entity on the network.
30 CVE-1999-0593 1999-01-01 2017-07-11
4.9
None Local Low Not required None None Complete
The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.
31 CVE-1999-0582 1997-01-01 2008-09-09
5.0
None Remote Low Not required None None Partial
A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.
32 CVE-1999-0581 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
33 CVE-1999-0579 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
34 CVE-1999-0578 1999-01-01 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
35 CVE-1999-0577 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
36 CVE-1999-0576 1997-01-01 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.
37 CVE-1999-0575 1997-01-01 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.
38 CVE-1999-0572 1997-01-01 2008-09-09
9.3
None Remote Medium Not required Complete Complete Complete
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.
39 CVE-1999-0570 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
40 CVE-1999-0562 1997-01-01 2017-10-19
7.5
None Remote Low Not required Partial Partial Partial
The registry in Windows NT can be accessed remotely by users who are not administrators.
41 CVE-1999-0560 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A system-critical Windows NT file or directory has inappropriate permissions.
42 CVE-1999-0549 1999-01-01 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Windows NT automatically logs in an administrator upon rebooting.
43 CVE-1999-0546 1998-10-01 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
The Windows NT guest account is enabled.
44 CVE-1999-0535 1997-01-01 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
45 CVE-1999-0534 1997-01-01 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
46 CVE-1999-0519 1997-01-01 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
A NETBIOS/SMB share password is the default, null, or missing.
47 CVE-1999-0511 1997-01-01 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
IP forwarding is enabled on a machine which is not a router or firewall.
48 CVE-1999-0506 1998-10-01 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
49 CVE-1999-0505 1998-10-01 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
A Windows NT domain user or administrator account has a guessable password.
50 CVE-1999-0504 1997-01-01 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
A Windows NT local user or administrator account has a default, null, blank, or missing password.
Total number of vulnerabilities: 63 (page 1 of 2)
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.