| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. |
| Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages. |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. |
| Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. |
| Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. |
| IP forwarding is enabled on a machine which is not a router or firewall. |
| The Windows NT guest account is enabled. |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. |
| A system does not present an appropriate legal message or warning to a user who is accessing it. |
| Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. |
| A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. |
| The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. |
| Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. |
| Denial of service in various Windows systems via malformed, fragmented IGMP packets. |
| The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. |
