Vulnerabilities > Microsoft > Windows NT > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1049 | Integer Overflow vulnerability in Microsoft Windows LoadImage API Function Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." | 5.1 |
| 2004-12-23 | CVE-2004-1361 | Integer Overflow vulnerability in Microsoft Windows winhlp32 Phrase Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow. | 5.0 |
| 2004-12-23 | CVE-2004-1305 | The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. | 5.0 |
| 2004-06-01 | CVE-2003-0807 | Remote Denial Of Service vulnerability in Microsoft Windows COM Internet Service/RPC Over HTTP Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. | 5.0 |
| 2003-12-31 | CVE-2003-1469 | Information Exposure vulnerability in Macromedia Coldfusion and Coldfusion Professional The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | 5.0 |
| 2003-10-20 | CVE-2003-0661 | Unspecified vulnerability in Microsoft products The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information. | 5.0 |
| 2003-08-27 | CVE-2003-0525 | Unspecified vulnerability in Microsoft Windows NT 4.0 The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method. | 5.0 |
| 2003-06-09 | CVE-2003-0227 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows 2000 and Windows NT The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. | 5.0 |
| 2003-05-12 | CVE-2003-0112 | Buffer Overflow vulnerability in Microsoft Windows Kernel Message Handling Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. | 4.6 |
| 2003-04-02 | CVE-2002-1561 | Denial of Service vulnerability in Microsoft Windows RPC Service The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | 5.0 |