| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang. |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. |
| When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. |
| The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. |
| Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. |
| The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. |
| IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions. |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. |
| Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. |
| Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon. |
| Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. |
| NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. |
| A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. |