Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1998-10-01 | CVE-1999-0506 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT domain user or administrator account has a default, null, blank, or missing password. | 7.2 |
| 1998-10-01 | CVE-1999-0505 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT domain user or administrator account has a guessable password. | 7.2 |
| 1998-09-29 | CVE-1999-0969 | Unspecified vulnerability in Microsoft Windows NT 4.0 The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork. | 5.0 |
| 1998-09-04 | CVE-1999-0871 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/4.0.1 Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. | 2.6 |
| 1998-08-01 | CVE-1999-0344 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows NT 3.5.1/4.0 NT users can gain debug-level access on a system process using the Sechole exploit. | 7.2 |
| 1998-08-01 | CVE-1999-0288 | Unspecified vulnerability in Microsoft Windows NT 4.0 The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | 5.0 |
| 1998-07-28 | CVE-1999-1447 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | 5.0 |
| 1998-06-29 | CVE-1999-1556 | Unspecified vulnerability in Microsoft SQL Server 6.5 Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value. | 7.2 |
| 1998-06-26 | CVE-1999-0007 | USE of A Broken OR Risky Cryptographic Algorithm vulnerability in multiple products Information from SSL-encrypted sessions via PKCS #1. | 5.0 |
| 1998-06-01 | CVE-1999-0278 | Unspecified vulnerability in Microsoft Internet Information Server and Windows NT In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | 5.0 |