Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft windows nt 4.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-0496
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
Microsoft Windows Nt 4.0
7.1
CVSSv3
CVE-2001-0006
The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock M...
Microsoft Windows Nt 4.0
1 EDB exploit
NA
CVE-1999-0366
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
Microsoft Windows Nt 4.0
NA
CVE-2003-1407
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.
Microsoft Windows Nt 4.0
1 EDB exploit
7.5
CVSSv3
CVE-1999-1127
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote malicious users to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
Microsoft Windows Nt 4.0
NA
CVE-2007-1973
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.
Microsoft Windows Nt 4.0
NA
CVE-2000-0197
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.
Microsoft Windows Nt 4.0
NA
CVE-1999-0489
MSHTML.DLL in Internet Explorer 5.0 allows a remote malicious user to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
Microsoft Windows Nt 4.0
NA
CVE-2002-0421
IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr.
Microsoft Windows Nt 4.0
NA
CVE-1999-0728
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
Microsoft Windows Nt 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »