| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A Windows NT domain user or administrator account has a guessable password. |
| Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions. |
| The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. |
| Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. |
| Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability. |
| A Windows NT administrator account has the default name of Administrator. |
| Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. |
| A system-critical Windows NT file or directory has inappropriate permissions. |
| Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches. |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. |
| Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability. |
| Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability." |
| Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file. |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. |
| Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. |
| Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| A NETBIOS/SMB share password is the default, null, or missing. |