CVSS: 9.8EPSS: 48%CPEs: 2EXPL: 1CVE-1999-0819 – DeskPro 1.1 - Multiple SQL Injections
https://notcve.org/view.php?id=CVE-1999-0819
01 Dec 1999 — NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. • https://www.exploit-db.com/exploits/23264 •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-1999-0824
https://notcve.org/view.php?id=CVE-1999-0824
30 Nov 1999 — A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. • http://www.securityfocus.com/bid/833 •
CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 0CVE-1999-0987
https://notcve.org/view.php?id=CVE-1999-0987
18 Nov 1999 — Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ237923 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 16%CPEs: 3EXPL: 1CVE-2000-0073 – Microsoft Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 - Riched Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0073
17 Nov 1999 — Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. • https://www.exploit-db.com/exploits/19633 •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-1999-0898
https://notcve.org/view.php?id=CVE-1999-0898
04 Nov 1999 — Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ243649 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 7EXPL: 1CVE-1999-0899 – Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Spoolss.exe' DLL Insertion
https://notcve.org/view.php?id=CVE-1999-0899
04 Nov 1999 — The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. • https://www.exploit-db.com/exploits/19594 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 15%CPEs: 1EXPL: 0CVE-1999-1234
https://notcve.org/view.php?id=CVE-1999-1234
26 Oct 1999 — LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. • http://marc.info/?l=ntbugtraq&m=94096671308565&w=2 •
CVSS: 9.1EPSS: 5%CPEs: 10EXPL: 0CVE-1999-0909
https://notcve.org/view.php?id=CVE-1999-0909
20 Sep 1999 — Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238453 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 38%CPEs: 6EXPL: 1CVE-1999-0886 – Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5 - RASMAN Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0886
17 Sep 1999 — The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. • https://www.exploit-db.com/exploits/19502 • CWE-16: Configuration •
CVSS: 9.1EPSS: 22%CPEs: 6EXPL: 0CVE-2000-0328
https://notcve.org/view.php?id=CVE-2000-0328
24 Aug 1999 — Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking. • http://www.securityfocus.com/bid/604 •