The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
Max CVSS
9.8
EPSS Score
0.64%
Published
2000-04-14
Updated
2024-02-08
Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability.
Max CVSS
5.0
EPSS Score
0.05%
Published
2000-04-20
Updated
2018-10-12
The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-04-12
Updated
2018-10-12
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
Max CVSS
7.5
EPSS Score
0.43%
Published
2000-04-19
Updated
2018-10-19
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-04-11
Updated
2018-10-12
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!