| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. |
| Windows NT RSHSVC program allows remote users to execute arbitrary commands. |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. |
| Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. |
| A version of finger is running that exposes valid user information to any entity on the network. |
| Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. |
| After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. |
| Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. |
| Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. |
| Windows NT 4.0 beta allows users to read and delete shares. |
