National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:microsoft:windows_98:-:gold
There are 97 matching records.
Displaying matches 81 through 97.
Vuln ID Summary CVSS Severity
CVE-2000-0305

Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.

Published: May 19, 2000; 12:00:00 AM -04:00
    V2: 7.8 HIGH
CVE-2000-0347

Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.

Published: May 02, 2000; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2000-1218

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

Published: April 14, 2000; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2000-0168

Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability.

Published: March 04, 2000; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2000-0155

Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive.

Published: February 18, 2000; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2000-0129

Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.

Published: February 04, 2000; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-1999-0975

The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.

Published: December 10, 1999; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-1999-0387

A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.

Published: November 29, 1999; 12:00:00 AM -05:00
    V2: 7.8 HIGH
CVE-2000-0073

Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.

Published: November 17, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2000-0330

The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.

Published: November 12, 1999; 12:00:00 AM -05:00
    V2: 7.6 HIGH
CVE-1999-0749

Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.

Published: August 16, 1999; 12:00:00 AM -04:00
    V2: 2.6 LOW
CVE-1999-0918

Denial of service in various Windows systems via malformed, fragmented IGMP packets.

Published: July 03, 1999; 12:00:00 AM -04:00
    V2: 7.8 HIGH
CVE-1999-0717

A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

Published: May 07, 1999; 12:00:00 AM -04:00
    V2: 2.6 LOW
CVE-1999-0444

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

Published: April 12, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-1254

Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.

Published: March 08, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1201

Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.

Published: February 06, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0357

Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.

Published: January 25, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM