"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWindowLongPtr API functions.
Max CVSS: 2.1 | EPSS Score: 0.08% | Published: 2004-11-03 | Updated: 2018-10-12
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."
Max CVSS: 2.6 | EPSS Score: 0.74% | Published: 2004-06-01 | Updated: 2018-10-12
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2003-05-12 | Updated: 2019-04-30
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
Max CVSS: 3.6 | EPSS Score: 0.07% | Published: 2002-12-31 | Updated: 2019-04-30
Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
Max CVSS: 4.3 | EPSS Score: 1.53% | Published: 2002-12-31 | Updated: 2016-10-18
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.
Max CVSS: 2.1 | EPSS Score: 0.08% | Published: 2002-12-31 | Updated: 2019-04-30
The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.
Max CVSS: 4.6 | EPSS Score: 0.05% | Published: 2002-11-12 | Updated: 2019-04-30
Windows 2000 and Windows NT allow local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.
Max CVSS: 2.1 | EPSS Score: 0.13% | Published: 2001-07-27 | Updated: 2019-04-30
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.
Max CVSS: 2.1 | EPSS Score: 0.06% | Published: 2001-08-03 | Updated: 2017-12-19
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 2001-06-18 | Updated: 2017-10-10
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allow remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
Max CVSS: 4.6 | EPSS Score: 0.22% | Published: 2001-02-16 | Updated: 2018-10-12
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2000-07-25 | Updated: 2018-10-12
Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request.
Max CVSS: 2.1 | EPSS Score: 0.07% | Published: 2000-03-30 | Updated: 2018-10-12
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.
Max CVSS: 4.6 | EPSS Score: 0.07% | Published: 2000-02-14 | Updated: 2008-09-10
Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 2000-02-04 | Updated: 2022-08-17
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
Max CVSS: 3.6 | EPSS Score: 0.22% | Published: 2000-02-01 | Updated: 2018-10-12
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 2000-02-04 | Updated: 2018-10-12
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
Max CVSS: 2.1 | EPSS Score: 0.71% | Published: 1999-12-31 | Updated: 2017-10-10
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 1999-12-31 | Updated: 2008-09-05
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 1999-12-31 | Updated: 2008-09-05
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 1999-12-31 | Updated: 2008-09-05
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 1999-12-31 | Updated: 2008-09-05
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
Max CVSS: 4.6 | EPSS Score: 0.05% | Published: 1999-12-31 | Updated: 2008-09-05
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 1999-12-31 | Updated: 2017-10-10
Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 1999-12-31 | Updated: 2017-10-10
42 vulnerabilities found