Windows NT RSHSVC program allows remote users to execute arbitrary commands.
Max CVSS
7.2
EPSS Score
0.21%
Published
1997-01-01
Updated
2022-08-17
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
Max CVSS
7.5
EPSS Score
1.42%
Published
1997-01-01
Updated
2022-08-17

CVE-1999-0256

Public exploit
Buffer overflow in War FTP allows remote execution of commands.
Max CVSS
7.5
EPSS Score
96.21%
Published
1998-02-01
Updated
2008-09-09
Remote command execution in Microsoft Internet Explorer using .lnk and .url files.
Max CVSS
7.5
EPSS Score
0.45%
Published
1997-04-01
Updated
2022-08-17
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
Max CVSS
7.5
EPSS Score
0.46%
Published
1998-01-01
Updated
2022-08-17
Buffer overflow in Internet Explorer 4.0(1).
Max CVSS
7.5
EPSS Score
0.35%
Published
1998-01-01
Updated
2022-08-17
Buffer overflow in NetMeeting allows denial of service and remote command execution.
Max CVSS
7.5
EPSS Score
1.14%
Published
1998-12-01
Updated
2018-08-13
NT users can gain debug-level access on a system process using the Sechole exploit.
Max CVSS
7.2
EPSS Score
0.05%
Published
1998-08-01
Updated
2018-10-12
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
Max CVSS
7.5
EPSS Score
0.65%
Published
1999-01-27
Updated
2018-10-12
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.
Max CVSS
7.5
EPSS Score
0.28%
Published
1999-11-01
Updated
2021-07-22
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-01-30
Updated
2016-10-18
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
Max CVSS
7.5
EPSS Score
1.00%
Published
1999-02-08
Updated
2018-10-12
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
Max CVSS
7.5
EPSS Score
0.77%
Published
1999-02-22
Updated
2018-10-12
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-03-12
Updated
2018-10-12
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
Max CVSS
7.8
EPSS Score
0.31%
Published
1999-11-29
Updated
2018-10-12
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
Max CVSS
7.5
EPSS Score
0.38%
Published
1999-01-05
Updated
2022-08-17
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
Max CVSS
7.5
EPSS Score
0.23%
Published
1999-02-19
Updated
2020-11-23
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
Max CVSS
7.8
EPSS Score
90.13%
Published
1999-01-26
Updated
2008-09-09
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
Max CVSS
7.5
EPSS Score
0.47%
Published
1999-01-26
Updated
2020-11-23
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
Max CVSS
7.5
EPSS Score
1.17%
Published
1999-04-21
Updated
2021-07-22
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
Max CVSS
7.5
EPSS Score
0.99%
Published
1999-04-21
Updated
2021-07-22
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-01-01
Updated
2018-08-13
NETBIOS share information may be published through SNMP registry keys in NT.
Max CVSS
7.5
EPSS Score
0.35%
Published
1997-01-01
Updated
2022-08-17
A Windows NT local user or administrator account has a guessable password.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-01-01
Updated
2022-08-17

CVE-1999-0504

Public exploit
A Windows NT local user or administrator account has a default, null, blank, or missing password.
Max CVSS
7.5
EPSS Score
0.55%
Published
1997-01-01
Updated
2022-08-17
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!