Page 40 of 317 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 2

Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability. • https://www.exploit-db.com/exploits/19853 http://www.securityfocus.com/archive/1/470458/100/0/threaded http://www.securityfocus.com/bid/1117 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-028 https://exchange.xforce.ibmcloud.com/vulnerabilities/34720 •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. • http://www.kb.cert.org/vuls/id/458659 https://exchange.xforce.ibmcloud.com/vulnerabilities/4280 • CWE-346: Origin Validation Error •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users. • http://www.securityfocus.com/bid/1105 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-024 •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 1

Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. • https://www.exploit-db.com/exploits/19827 http://archives.neohapsis.com/archives/bugtraq/2000-03/0306.html http://www.securityfocus.com/bid/1082 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-021 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 2

Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. • https://www.exploit-db.com/exploits/19754 http://www.securityfocus.com/bid/993 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000701bf79cd%24fdb5a620%244c4342a6%40mightye.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •