Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-02-06 | CVE-1999-1201 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. | 5.0 |
| 1999-01-25 | CVE-1999-0357 | Unspecified vulnerability in Microsoft Windows 98 Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. | 5.0 |
| 1999-01-24 | CVE-1999-1544 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. | 5.0 |
| 1999-01-01 | CVE-1999-0593 | Unspecified vulnerability in Microsoft Windows NT The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | 4.9 |
| 1999-01-01 | CVE-1999-0578 | Unspecified vulnerability in Microsoft Windows NT A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | 4.6 |
| 1999-01-01 | CVE-1999-0448 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | 5.0 |
| 1999-01-01 | CVE-1999-0384 | Unspecified vulnerability in Microsoft products The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | 4.6 |
| 1998-11-12 | CVE-1999-1322 | The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | 4.6 |
| 1998-10-05 | CVE-1999-1291 | Unspecified vulnerability in Microsoft Windows 95 and Windows NT TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | 5.0 |
| 1998-10-01 | CVE-1999-0546 | Unspecified vulnerability in Microsoft Windows NT The Windows NT guest account is enabled. | 4.6 |