Vulnerabilities > Microsoft > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
1999-12-31 | CVE-1999-1043 | Unspecified vulnerability in Microsoft Exchange Server 5.0/5.5 Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | 5.0 |
1999-12-31 | CVE-1999-1035 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | 5.0 |
1999-12-31 | CVE-1999-0815 | Unspecified vulnerability in Microsoft Windows NT 4.0 Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | 5.0 |
1999-12-31 | CVE-1999-0154 | Unspecified vulnerability in Microsoft products IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . | 5.0 |
1999-12-10 | CVE-1999-0975 | Unspecified vulnerability in Microsoft Windows 95, Windows 98 and Windows NT The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | 4.6 |
1999-12-01 | CVE-1999-0819 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. | 5.0 |
1999-11-30 | CVE-1999-0824 | Unspecified vulnerability in Microsoft Windows NT 4.0 A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. | 4.6 |
1999-11-14 | CVE-1999-1110 | Unspecified vulnerability in Microsoft Internet Explorer 5.0 Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client. | 5.0 |
1999-11-11 | CVE-2000-0329 | Unspecified vulnerability in Microsoft products A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | 5.1 |
1999-10-31 | CVE-1999-1577 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0 Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. | 5.1 |