National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:microsoft:windows_nt:4.0:-:~~enterprise~~x64~
There are 253 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2003-0112

Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.

Published: May 12, 2003; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2002-1561

The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.

Published: April 02, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0010

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

Published: March 24, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0003

Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.

Published: February 07, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-1712

Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-2028

The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2002-2073

Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 4.3 MEDIUM
CVE-2002-2401

NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 3.6 LOW
CVE-2002-2413

WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-1183

Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).

Published: December 11, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-1184

The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.

Published: November 12, 2002; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2002-0863

Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."

Published: October 11, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0693

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.

Published: October 10, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0694

The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File."

Published: October 10, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0699

Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.

Published: October 04, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0862

The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.

Published: October 04, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0724

Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".

Published: September 24, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0421

IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr.

Published: August 12, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0366

Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2002-0367

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

Published: June 25, 2002; 12:00:00 AM -04:00
    V2: 7.2 HIGH