Vulnerabilities > Microsoft > Windows NT > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-06-25 | CVE-2002-0367 | Local Privilege Elevation vulnerability in Microsoft Windows 2000 and Windows NT smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. | 7.2 |
| 2002-04-04 | CVE-2002-0151 | Buffer Overflow vulnerability in Microsoft Windows 2000, Windows NT and Windows XP Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request. | 7.2 |
| 2002-03-15 | CVE-2002-0070 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. | 7.6 |
| 2002-03-08 | CVE-2002-0053 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. | 7.5 |
| 2001-12-06 | CVE-2001-0663 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. | 5.0 |
| 2001-10-30 | CVE-2001-0662 | Denial of Service vulnerability in Microsoft Windows NT 4.0 RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause a denial of service (loss of RPC services) via a malformed request. | 5.0 |
| 2001-09-20 | CVE-2001-0543 | Memory Leak vulnerability in Microsoft Exchange Server, Windows 2000 and Windows NT Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. | 5.0 |
| 2001-09-20 | CVE-2001-0509 | Improper Input Validation vulnerability in Microsoft products Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | 5.0 |
| 2001-08-31 | CVE-2001-1452 | Origin Validation Error vulnerability in Microsoft Windows 2000 and Windows NT By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses. | 7.5 |
| 2001-08-31 | CVE-2000-1200 | Unspecified vulnerability in Microsoft Windows NT 4.0 Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | 5.0 |