Vulnerabilities > Microsoft > Windows NT > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-08-12 | CVE-2002-0391 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | 9.8 |
| 2002-03-08 | CVE-2002-0018 | Privilege Escalation vulnerability in Microsoft Windows 2000 and Windows NT In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain. | 10.0 |
| 2001-02-16 | CVE-2001-0045 | Unspecified vulnerability in Microsoft Windows NT 4.0/Terminalserver The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. | 10.0 |
| 2001-01-09 | CVE-2000-1089 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | 10.0 |
| 2000-06-01 | CVE-1999-0590 | A system does not present an appropriate legal message or warning to a user who is accessing it. | 10.0 |
| 2000-04-14 | CVE-2000-1218 | Origin Validation Error vulnerability in Microsoft products The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. | 9.8 |
| 1999-05-17 | CVE-1999-0489 | Unspecified vulnerability in Microsoft Windows NT 4.0 MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. | 10.0 |
| 1999-01-19 | CVE-1999-0119 | Unspecified vulnerability in Microsoft Windows NT 4.0 Windows NT 4.0 beta allows users to read and delete shares. | 10.0 |
| 1999-01-01 | CVE-1999-0226 | Data Processing Errors vulnerability in Microsoft Windows NT Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. | 10.0 |
| 1999-01-01 | CVE-1999-0285 | Unspecified vulnerability in Microsoft Windows NT Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. | 10.0 |