Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0715 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows NT

4 documents4 sources

Severity

4.6MEDIUMNVD

EPSS

1.9%

top 16.88%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows NT

Timeline

PublishedMay 20

Latest updateApr 30

Description

Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0

🔴Vulnerability Details

GHSA

GHSA-w83x-7v2j-2q4m: Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook en↗2022-04-30

▶

CVEList

CVE-1999-0715: Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook en↗2000-01-04

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Phonebook Buffer Overflow↗1999-05-20

▶