| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. |
| The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on the target machine. |
| Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. |
| Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. |
| Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. |
| The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. |
| Denial of service through Winpopup using large user names. |
| The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. |
| Denial of service in various Windows systems via malformed, fragmented IGMP packets. |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. |
| Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. |
| The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities. |
| The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. |
| .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. |
| Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. |
