Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
1999-11-30 CVE-1999-0824 Unspecified vulnerability in Microsoft Windows NT 4.0
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.
local
low complexity
microsoft
4.6
1999-11-17 CVE-1999-0793 Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
network
high complexity
microsoft
2.6
1999-11-14 CVE-1999-1110 Unspecified vulnerability in Microsoft Internet Explorer 5.0
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
network
low complexity
microsoft
5.0
1999-11-12 CVE-2000-0330 Unspecified vulnerability in Microsoft Windows 95 and Windows 98
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
network
high complexity
microsoft
7.6
1999-11-11 CVE-2000-0329 Unspecified vulnerability in Microsoft products
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
network
high complexity
microsoft
5.1
1999-11-01 CVE-1999-0827 By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
network
high complexity
netscape microsoft
2.6
1999-11-01 CVE-1999-0354 Unspecified vulnerability in Microsoft Internet Explorer and Word
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content.
network
low complexity
microsoft
7.5
1999-10-31 CVE-1999-1577 Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
network
high complexity
microsoft
5.1
1999-10-26 CVE-1999-1234 Unspecified vulnerability in Microsoft Windows NT 4.0
LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.
network
low complexity
microsoft
5.0
1999-10-21 CVE-2000-0327 Unspecified vulnerability in Microsoft Virtual Machine 2000/3000
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.
network
high complexity
microsoft
7.6