Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-0900 | Unspecified vulnerability in Microsoft Windows NT 4.0 The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability." | 10.0 |
| 2005-01-10 | CVE-2004-0899 | Unspecified vulnerability in Microsoft Windows NT 4.0 The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability." | 5.0 |
| 2005-01-10 | CVE-2004-0894 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program. | 7.2 |
| 2005-01-10 | CVE-2004-0893 | Unspecified vulnerability in Microsoft products The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | 7.2 |
| 2005-01-10 | CVE-2004-0571 | Unspecified vulnerability in Microsoft products Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. | 10.0 |
| 2005-01-10 | CVE-2004-0568 | Unspecified vulnerability in Microsoft products HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | 10.0 |
| 2005-01-07 | CVE-1999-1431 | Unspecified vulnerability in Microsoft Zero Administration KIT 1.0 ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe. | 4.6 |
| 2004-12-31 | CVE-2004-2730 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping. | 4.6 |
| 2004-12-31 | CVE-2004-2704 | Cross-Site Scripting vulnerability in multiple products Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks. | 4.3 |
| 2004-12-31 | CVE-2004-2694 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Outlook Express 6.0 Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top". | 5.8 |