CVE-1999-1463

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jul 10, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-1463 is a vulnerability affecting Windows NT 4.0 before Service Pack 3. Malicious actors can exploit this issue by sending improperly fragmented IP packets without the initial fragment. The TCP/IP stack inaccurately reassembles these packets, allowing attackers to bypass firewall restrictions or cause a denial of service (crash). This issue can lead to potential security breaches or network downtime. Microsoft released a patch to address this vulnerability in SP3.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows NT

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlWs0
https://www.cve.org/CVERecord?id=CVE-1999-1463
https://nvd.nist.gov/vuln/detail/CVE-1999-1463

Back to Vulnerability Database