Vulnerabilities > Microsoft > Windows 98 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-06 | CVE-2001-0721 | Unspecified vulnerability in Microsoft products Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | 5.0 |
| 2001-07-30 | CVE-2001-1055 | Denial of Service vulnerability in Windows ARP The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. | 5.0 |
| 2001-01-09 | CVE-2000-1039 | Unspecified vulnerability in Microsoft products Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. | 5.0 |
| 2000-12-19 | CVE-2000-0980 | Unspecified vulnerability in Microsoft products NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network. | 5.0 |
| 2000-12-19 | CVE-2000-0979 | Unspecified vulnerability in Microsoft products File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability. | 6.4 |
| 2000-10-20 | CVE-2000-0742 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability. | 5.0 |
| 2000-05-25 | CVE-2000-0404 | Unspecified vulnerability in Microsoft products The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | 5.0 |
| 2000-05-02 | CVE-2000-0347 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. | 5.0 |
| 1999-12-10 | CVE-1999-0975 | Unspecified vulnerability in Microsoft Windows 95, Windows 98 and Windows NT The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | 4.6 |
| 1999-04-12 | CVE-1999-0444 | Unspecified vulnerability in Microsoft Windows 95, Windows 98 and Windows NT Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. | 5.0 |