Windows NT 4.0 beta allows users to read and delete shares.
Max CVSS
10.0
EPSS Score
0.35%
Published
1999-01-19
Updated
2022-08-17
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.
Max CVSS
10.0
EPSS Score
0.54%
Published
1999-01-01
Updated
2022-08-17
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
Max CVSS
10.0
EPSS Score
15.99%
Published
1996-02-25
Updated
2020-11-23
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
Max CVSS
10.0
EPSS Score
0.47%
Published
1999-01-01
Updated
2022-08-17
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.
Max CVSS
10.0
EPSS Score
0.35%
Published
1999-01-01
Updated
2016-10-18
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
Max CVSS
10.0
EPSS Score
0.98%
Published
1998-12-01
Updated
2020-04-02
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
Max CVSS
10.0
EPSS Score
3.37%
Published
1999-02-09
Updated
2016-10-18
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
Max CVSS
10.0
EPSS Score
0.94%
Published
1999-05-17
Updated
2018-10-12
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
Max CVSS
10.0
EPSS Score
0.35%
Published
1997-01-01
Updated
2022-08-17
A system-critical Windows NT file or directory has inappropriate permissions.
Max CVSS
10.0
EPSS Score
0.25%
Published
1999-01-01
Updated
2022-08-17
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
Max CVSS
10.0
EPSS Score
0.35%
Published
1999-01-01
Updated
2022-08-17
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.
Max CVSS
9.3
EPSS Score
0.14%
Published
1997-01-01
Updated
2022-08-17
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
Max CVSS
10.0
EPSS Score
0.35%
Published
1999-01-01
Updated
2022-08-17
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
Max CVSS
10.0
EPSS Score
0.35%
Published
1999-01-01
Updated
2022-08-17
The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
Max CVSS
10.0
EPSS Score
0.25%
Published
1999-01-01
Updated
2022-08-17
A system does not present an appropriate legal message or warning to a user who is accessing it.
Max CVSS
10.0
EPSS Score
0.30%
Published
2000-06-01
Updated
2022-08-17
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
Max CVSS
10.0
EPSS Score
3.66%
Published
1999-09-10
Updated
2021-07-22
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
Max CVSS
9.3
EPSS Score
0.81%
Published
1999-10-21
Updated
2021-07-23

CVE-1999-0874

Public exploit
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
Max CVSS
10.0
EPSS Score
90.74%
Published
1999-06-16
Updated
2018-10-12
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
Max CVSS
10.0
EPSS Score
1.00%
Published
2000-01-04
Updated
2021-07-22
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.
Max CVSS
9.0
EPSS Score
0.38%
Published
1999-09-17
Updated
2018-10-12
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
Max CVSS
10.0
EPSS Score
0.35%
Published
1997-11-01
Updated
2022-08-17
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
Max CVSS
10.0
EPSS Score
0.41%
Published
1999-11-18
Updated
2018-08-13

CVE-1999-1011

Public exploit
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
Max CVSS
10.0
EPSS Score
68.33%
Published
1999-07-19
Updated
2018-10-15
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object.
Max CVSS
10.0
EPSS Score
0.36%
Published
1999-05-06
Updated
2021-07-23
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!