| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. |
| Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. NOTE: this issue is very similar to CVE-2004-1104, although the manipulations are slightly different. |
| The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Denial of service in RAS/PPTP on NT systems. |
| IIS newdsn.exe CGI script allows remote users to overwrite files. |
| Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. |
| Denial of service in Windows NT messenger service through a long username. |
| Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. |
| Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. |
| IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. |
| Bonk variation of teardrop IP fragmentation denial of service. |
| IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. |
| Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. |
| Denial of service in IIS using long URLs. |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. |
| Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. |
