Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
1998-12-01 | CVE-1999-0385 | Classic Buffer Overflow vulnerability in Microsoft Exchange Server 5.5 The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | 10.0 |
1998-11-12 | CVE-1999-1322 | The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | 4.6 |
1998-10-05 | CVE-1999-1291 | Unspecified vulnerability in Microsoft Windows 95 and Windows NT TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | 5.0 |
1998-10-01 | CVE-1999-0870 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1 Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste. | 2.6 |
1998-10-01 | CVE-1999-0546 | Unspecified vulnerability in Microsoft Windows NT The Windows NT guest account is enabled. | 4.6 |
1998-10-01 | CVE-1999-0506 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT domain user or administrator account has a default, null, blank, or missing password. | 7.2 |
1998-10-01 | CVE-1999-0505 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT A Windows NT domain user or administrator account has a guessable password. | 7.2 |
1998-09-04 | CVE-1999-0871 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/4.0.1 Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. | 2.6 |
1998-08-01 | CVE-1999-0288 | Unspecified vulnerability in Microsoft Windows NT 4.0 The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | 5.0 |
1998-07-28 | CVE-1999-1447 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | 5.0 |