Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1998-10-05 | CVE-1999-1291 | Unspecified vulnerability in Microsoft Windows 95 and Windows NT TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | 5.0 |
| 1998-10-01 | CVE-1999-0870 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1 Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste. | 2.6 |
| 1998-10-01 | CVE-1999-0546 | Unspecified vulnerability in Microsoft Windows NT The Windows NT guest account is enabled. | 4.6 |
| 1998-10-01 | CVE-1999-0506 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT domain user or administrator account has a default, null, blank, or missing password. | 7.2 |
| 1998-10-01 | CVE-1999-0505 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT domain user or administrator account has a guessable password. | 7.2 |
| 1998-09-04 | CVE-1999-0871 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/4.0.1 Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. | 2.6 |
| 1998-08-01 | CVE-1999-0288 | Unspecified vulnerability in Microsoft Windows NT 4.0 The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | 5.0 |
| 1998-07-28 | CVE-1999-1447 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | 5.0 |
| 1998-06-29 | CVE-1999-1556 | Unspecified vulnerability in Microsoft SQL Server 6.5 Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value. | 7.2 |
| 1998-06-26 | CVE-1999-0007 | USE of A Broken OR Risky Cryptographic Algorithm vulnerability in multiple products Information from SSL-encrypted sessions via PKCS #1. | 5.0 |