Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
2001-03-12 CVE-2001-0017 Unspecified vulnerability in Microsoft Windows NT
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.
network
low complexity
microsoft
5.0
2001-03-12 CVE-2001-0016 Unspecified vulnerability in Microsoft Windows NT
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
local
low complexity
microsoft
7.2
2001-03-12 CVE-2001-0015 Unspecified vulnerability in Microsoft Windows 2000
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
local
low complexity
microsoft
7.2
2001-03-12 CVE-1999-0681 Unspecified vulnerability in Microsoft Frontpage and Personal web Server
Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
network
low complexity
microsoft
5.0
2001-02-16 CVE-2001-0092 Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.01/5.5
A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.
network
high complexity
microsoft
2.6
2001-02-16 CVE-2001-0091 Unspecified vulnerability in Microsoft Internet Explorer
The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability.
network
high complexity
microsoft
2.6
2001-02-16 CVE-2001-0090 Unspecified vulnerability in Microsoft Internet Explorer 5.5
The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability.
network
high complexity
microsoft
5.1
2001-02-16 CVE-2001-0089 Unspecified vulnerability in Microsoft Internet Explorer
Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.
network
high complexity
microsoft
2.6
2001-02-16 CVE-2001-0047 Unspecified vulnerability in Microsoft Windows NT 4.0/Terminalserver
The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities.
network
low complexity
microsoft
7.5
2001-02-16 CVE-2001-0046 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
local
low complexity
microsoft
4.6