"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions.
Max CVSS
2.1
EPSS Score
0.08%
Published
2004-11-03
Updated
2018-10-12
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."
Max CVSS
2.6
EPSS Score
0.74%
Published
2004-06-01
Updated
2018-10-12
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.
Max CVSS
2.1
EPSS Score
0.08%
Published
2002-12-31
Updated
2019-04-30
Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.
Max CVSS
2.1
EPSS Score
0.13%
Published
2001-07-27
Updated
2019-04-30
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.
Max CVSS
2.1
EPSS Score
0.06%
Published
2001-08-03
Updated
2017-12-19
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.
Max CVSS
2.1
EPSS Score
0.05%
Published
2001-06-18
Updated
2017-10-10
Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request.
Max CVSS
2.1
EPSS Score
0.07%
Published
2000-03-30
Updated
2018-10-12
Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.
Max CVSS
2.1
EPSS Score
0.05%
Published
2000-02-04
Updated
2022-08-17
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.
Max CVSS
2.1
EPSS Score
0.05%
Published
2000-02-04
Updated
2018-10-12
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
Max CVSS
2.1
EPSS Score
0.71%
Published
1999-12-31
Updated
2017-10-10
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
Max CVSS
2.1
EPSS Score
0.05%
Published
1999-12-31
Updated
2008-09-05
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
Max CVSS
2.1
EPSS Score
0.05%
Published
1999-12-31
Updated
2008-09-05
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
Max CVSS
2.1
EPSS Score
0.05%
Published
1999-12-31
Updated
2008-09-05
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
Max CVSS
2.1
EPSS Score
0.05%
Published
1999-12-31
Updated
2008-09-05
Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission.
Max CVSS
2.1
EPSS Score
0.05%
Published
1999-12-31
Updated
2017-10-10
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
Max CVSS
2.6
EPSS Score
0.58%
Published
1999-05-07
Updated
2018-10-12
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-01-20
Updated
2022-08-17
A Windows NT administrator account has the default name of Administrator.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-07-01
Updated
2022-08-17
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
Max CVSS
2.1
EPSS Score
0.16%
Published
1999-02-12
Updated
2018-10-12
19 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!