Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-12-31 | CVE-1999-1148 | Unspecified vulnerability in Microsoft Internet Information Server FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. | 5.0 |
| 1999-12-31 | CVE-1999-1132 | Unspecified vulnerability in Microsoft Windows NT 4.0 Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. | 5.0 |
| 1999-12-31 | CVE-1999-1105 | Unspecified vulnerability in Microsoft Windows 95 Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. | 5.0 |
| 1999-12-31 | CVE-1999-1104 | Unspecified vulnerability in Microsoft Windows 95 Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. | 4.6 |
| 1999-12-31 | CVE-1999-1093 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/4.0.1 Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | 5.1 |
| 1999-12-31 | CVE-1999-1084 | Unspecified vulnerability in Microsoft Windows NT 4.0 The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. | 4.6 |
| 1999-12-31 | CVE-1999-1043 | Unspecified vulnerability in Microsoft Exchange Server 5.0/5.5 Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | 5.0 |
| 1999-12-31 | CVE-1999-1035 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | 5.0 |
| 1999-12-31 | CVE-1999-0815 | Unspecified vulnerability in Microsoft Windows NT 4.0 Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | 5.0 |
| 1999-12-31 | CVE-1999-0154 | Unspecified vulnerability in Microsoft products IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . | 5.0 |