Microsoft Windows Nt vulnerabilities

CVE-1999-0899 [HIGH] CWE-264 CVE-1999-0899: The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropri The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.

CVE-1999-0898 [HIGH] CWE-119 CVE-1999-0898: Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.

CVE-1999-1234 [MEDIUM] CVE-1999-1234: LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL po LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.

CVE-1999-0909 [HIGH] CWE-264 CVE-1999-0909: Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a ma Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.

CVE-1999-0886 [CRITICAL] CWE-16 CVE-1999-0886: The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.

CVE-2000-0328 [MEDIUM] CVE-2000-0328: Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.

CVE-1999-0700 [MEDIUM] CWE-119 CVE-1999-0700: Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.i Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.

CVE-1999-0224 [MEDIUM] CVE-1999-0224: Denial of service in Windows NT messenger service through a long username. Denial of service in Windows NT messenger service through a long username.

CVE-1999-0721 [HIGH] CWE-20 CVE-1999-0721: Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.

CVE-1999-0728 [HIGH] CWE-264 CVE-1999-0728: A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control the A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.

CVE-1999-0918 [HIGH] CWE-20 CVE-1999-0918: Denial of service in various Windows systems via malformed, fragmented IGMP packets. Denial of service in various Windows systems via malformed, fragmented IGMP packets.

CVE-1999-0726 [HIGH] CWE-20 CVE-1999-0726: An attacker can conduct a denial of service in Windows NT by executing a program with a malformed fi An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.

CVE-1999-0723 [HIGH] CVE-1999-0723: The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.

CVE-1999-0874 [CRITICAL] CWE-119 CVE-1999-0874: Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed requ Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.

CVE-1999-0755 [MEDIUM] CWE-255 CVE-1999-0755: Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.

CVE-1999-0715 [MEDIUM] CVE-1999-0715: Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or caus Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.

CVE-1999-0489 [CRITICAL] CVE-1999-0489: MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file uplo MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.

CVE-1999-0716 [MEDIUM] CVE-1999-0716: Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.

CVE-1999-0717 [LOW] CVE-1999-0717: A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

CVE-1999-0382 [HIGH] CVE-1999-0382: The screen saver in Windows NT does not verify that its security context has been changed properly, The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.