Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-01-01 | CVE-1999-0448 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | 5.0 |
| 1999-01-01 | CVE-1999-0384 | Unspecified vulnerability in Microsoft products The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | 4.6 |
| 1998-11-12 | CVE-1999-1322 | The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | 4.6 |
| 1998-10-05 | CVE-1999-1291 | Unspecified vulnerability in Microsoft Windows 95 and Windows NT TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | 5.0 |
| 1998-10-01 | CVE-1999-0546 | Unspecified vulnerability in Microsoft Windows NT The Windows NT guest account is enabled. | 4.6 |
| 1998-08-01 | CVE-1999-0288 | Unspecified vulnerability in Microsoft Windows NT 4.0 The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | 5.0 |
| 1998-07-28 | CVE-1999-1447 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | 5.0 |
| 1998-06-26 | CVE-1999-0007 | USE of A Broken OR Risky Cryptographic Algorithm vulnerability in multiple products Information from SSL-encrypted sessions via PKCS #1. | 5.0 |
| 1998-06-01 | CVE-1999-0278 | Unspecified vulnerability in Microsoft Internet Information Server and Windows NT In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | 5.0 |
| 1998-05-09 | CVE-1999-1361 | Unspecified vulnerability in Microsoft Windows NT 3.5.1/4.0 Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages. | 6.4 |