Name: MICROSOFT : Windows NT 4.0 Workstation

8!	Microsoft Windows SMB file system client buffer overflow updated since 09.02.2005
		Buffer overflow on nework protocol parsing.
10!	Windows multiple bugs updated since 14.04.2004
		LSASSS buffer overflow, LDAP DoS, PCT buffer overflow, WinLogon buffer overflow, WMF/EMF parsing buffer overflow, HCP:// code execution, Utility Manager privilege escalation, WMI privilege escalation, LDT privilege escalation, H.323 buffer overflow, NTVDM privilege escalation, ASM.1 double free memory coruuption.
	Microsoft Windows msjet database multipl vulnerabilities
		Microsoft Windows msjet databases multiple vulnerabilities.
8!	Multiple Microsoft Windows bugs updated since 15.12.2004
		Kernel buffer overflow LSASS privilege escalation.
6!	Windows LoadImage integer overflow
		Integer overflow on bitmap size calculation.
	Windows ANI files DoS
		Installing ANI file with incorrect parameters causes syste, to freeze or crash.
	HyperTerminal buffer overflow
		Buffer overflow on .ht files parsing.
6!	Microsoft WordPad buffer overflow
		Buffer overflow during Word 95/6.0 documents conversion.
8!	Microsoft HTML Help buffer overflow
		Buffer overflow on CHM format parsing.
	Windows Shell file type spoofing
		By using class id in content-disposition it's possible ti spoof file type. Content-Disposition: attachment; filename=malware.{3050f4d8-98B5- 11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"
6!	Microsoft Windows Task Scheduler buffer overflow
		Buffer overflow during .job files parsing.
6!	Microsoft Jet Database Engine buffer overflow
		Request to database can cause buffer overflow.
10!	Windows NT/2000/XP/2003 RPC buffer overflow updated since 17.07.2003
		Multiple buffer overflows during RPC request parsing via TCP/135 and another RPC ports.
10!	Multiple Windows ASN.1 bugs updated since 11.02.2004
		Heap corruptions, heap buffer overflows open possibilities for attack via different protocols and applications.
7!	Win32 'Shatter' attacks updated since 22.08.2002
		Is priveleged application doesn't check system messages data it may be possible to execute code in application context by setting callback functions or excluding limits causing buffer overflws.
10!	Windows Messenger service buffer overflow updated since 16.10.2003
		Buffer overflow on message receiving.
7!	Buffer Overflow in Tshoot.ocx Windows Troubleshooter ActiveX updated since 16.10.2003
	Windows ListBox/ComboBox buffer overflow
		Buffer overflow in Windows components makes it possible to launch shatter attack.
8!	Microsoft Windows Authenticode protection bypass
		There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog.
	Microsoft Windows NetBIOS information leak
		Uninitialized memory structure during reply to NetBIOS name request allows attacker to read few bytes from remote host's memory.
7!	Windows DirectX MIDI integer overflow updated since 24.07.2003
		Integer overflow during MIDI processing leads to heap corruption allowing code execution.
6!	Multiple SNMP problems updated since 13.02.2002
		Multiple problems in different SNMP implementation can lead to DoS, remote code execution, etc.
7!	Windows NTLM relaying attacks updated since 14.09.2000
		Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request.
7!	Windows NT/2000/XP kernel buffer overflow
		Stack based overflow during debug message processing.
	Microsoft RPC DoS
		Malformed request to RPC Endpoint Mapper (TCP/135) may cause RPC services to crash.
7!	Windows Script Engine integer overflow
		Integer overflow on array's sort() function.
	Microsoft Windows NT cmd.exe buffer overflow
		Buffer overflow (Windows NT) or batch failure (Windows 2000) on oversized paths.
	Group policy DoS in Windows NT/2000 updated since 05.12.2001
		By putting exclusive lock on group policy file it's possible to stop group policy from applying domainwide.
7!	Buffer overflow in Windows 2000/NT SMB protocol updated since 23.08.2002
		Malcrafted SMB quiery into port 139/445 causes server to crash.
	DoS against Windows and other systems updated since 20.05.2000
		A number of fragmented packet cause host to freeze during the attack.
6!	Microsoft RAS Phonebook buffer overflow updated since 05.12.2000
		Buffer overflow.
8!	Debploit: Microsoft Windows NT/2000 debug API privelege escalation updated since 15.03.2002
		By connection to PLC port DbgSsApiPOrt it's possible to obtain handler for any process or thread for debugging.
6!	Buffer overflow in Windows NT/2000/XP updated since 04.04.2002
		Buffer overflow on long request to MUP (Multiple UNC Provider)
	DoS против Windows 2000/NT (stream3 flood) updated since 10.01.2001
	Локальный DoS в Windows NT/2000
	Дырка в API Windows NT 4.0 (GetFullPathName buffer overflow)
	Потенциальная дырка в драйверах Windows NT/2000 (DbgPrint format string)
	Дырка в Windows NT (NTLMSSP) updated since 08.02.2001
	Локальный DoS против Windows NT (mutex) updated since 26.01.2001
	DoS через Windows NT Task Scheduler
6!	NAPTHA - DoS через открытые/полуоткрытые соединения updated since 05.12.2000
6!	Очередный проблемы с разрешениями в реестре Windows NT updated since 24.10.2000
	DoS против NetBIOS/TCP/IP - NBT flood
7!	Многочисленные дырки в LPC Windows 2000/NT
6!	Проблема с локальной безопасностью в NT - SystemLoadAndCallImage
	Серьезная проблема с реализацией NetBIOS (NetBT) в Windows
	Уязвимость в NT - относительнный путь к оболочке пользователя.
	DoS против Windows - конфликт имен NetBIOS
6!	DoS против Windows NT
6!	DoS против протокола SMB (Server) в WinNT/Win2K
	Уязвимость в NTLMv1
	Проблемы со службой обзора (Browser)
	Переполнение буфера в CMD updated since 21.04.2000
6!	Microsoft выпустил патч накладывающий корректные разрешения реестра
6!	DoS-атака на сервис печати TCP/IP Windows NT