CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows Nt : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-0112 Overflow +Priv 2003-05-12 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.
2 CVE-2002-2073 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
3 CVE-2002-1184 +Priv 2002-11-12 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.
4 CVE-2001-0046 +Info 2001-02-16 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
5 CVE-2000-0663 Exec Code 2000-07-25 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability.
6 CVE-2000-0197 +Priv 2000-02-14 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.
7 CVE-1999-1358 Bypass 1999-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
8 CVE-1999-1317 +Priv 1999-12-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
9 CVE-1999-1217 +Priv 1997-07-25 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
10 CVE-1999-1084 1999-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
11 CVE-1999-0975 Exec Code 1999-12-10 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
12 CVE-1999-0824 1999-11-30 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.
13 CVE-1999-0716 Overflow 1999-05-17 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
14 CVE-1999-0715 DoS Exec Code Overflow 1999-05-20 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
15 CVE-1999-0593 1999-01-01 2009-10-31
4.9
None Local Low Not required None None Complete
The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.
16 CVE-1999-0578 1999-01-01 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
17 CVE-1999-0546 1998-10-01 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
The Windows NT guest account is enabled.
18 CVE-1999-0534 1997-01-01 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
19 CVE-1999-0496 1997-01-01 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
20 CVE-1999-0384 1999-01-01 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
21 CVE-1999-0376 1999-02-20 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.
22 CVE-1999-0344 1998-08-01 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
NT users can gain debug-level access on a system process using the Sechole exploit.
Total number of vulnerabilities : 22   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.