Microsoft ≫ Windows 2000

An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.

The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.

Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.

Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.

Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.

Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.

A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.

The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.

The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.