CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1359
https://notcve.org/view.php?id=CVE-1999-1359
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. • http://support.microsoft.com/support/kb/articles/q163/8/75.asp http://www.iss.net/security_center/static/7401.php •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1362
https://notcve.org/view.php?id=CVE-1999-1362
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. • http://support.microsoft.com/support/kb/articles/q160/6/01.asp http://www.iss.net/security_center/static/7403.php •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1358
https://notcve.org/view.php?id=CVE-1999-1358
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. • http://support.microsoft.com/support/kb/articles/q157/6/73.asp http://www.iss.net/security_center/static/7400.php •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1CVE-1999-1452
https://notcve.org/view.php?id=CVE-1999-1452
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. • http://marc.info/?l=bugtraq&m=91788829326419&w=2 http://marc.info/?l=ntbugtraq&m=91764169410814&w=2 http://marc.info/?l=ntbugtraq&m=91822011021558&w=2 http://support.microsoft.com/support/kb/articles/q214/8/02.asp http://www.securityfocus.com/bid/198 https://exchange.xforce.ibmcloud.com/vulnerabilities/1975 •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 2CVE-1999-1084 – Microsoft Windows NT 4.0 - User Shell Folders
https://notcve.org/view.php?id=CVE-1999-1084
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. • https://www.exploit-db.com/exploits/19798 http://marc.info/?l=ntbugtraq&m=90222453431604&w=2 http://support.microsoft.com/support/kb/articles/q103/8/61.asp http://www.ciac.org/ciac/bulletins/k-029.shtml http://www.securityfocus.com/bid/1044 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-008 •