Windows 2003 Server@* Security Vulnerabilities and Issues — Page 4 of Windows 2003 Server@* CVE List

Lucene search

MicrosoftWindows 2003 Server*

230 matches found

CVE•added 2011/04/13 6:55 p.m.•51 views

CVE-2011-0670

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-0671

8.4CVSS6.5AI score0.01054EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-0672

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-1227

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/07/13 11:55 p.m.•51 views

CVE-2011-1875

7.2CVSS6.4AI score0.0061EPSS

CVE•added 2008/01/08 8:46 p.m.•50 views

CVE-2007-0066

The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerab...

7.1CVSS6.2AI score0.2531EPSS

CVE•added 2007/09/27 7:17 p.m.•50 views

CVE-2007-5133

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.

7.1CVSS6.9AI score0.56087EPSS

CVE•added 2010/04/14 4:0 p.m.•50 views

CVE-2010-0236

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocat...

7.2CVSS6.3AI score0.01547EPSS

CVE•added 2010/03/03 7:30 p.m.•50 views

CVE-2010-0483

vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with ...

7.6CVSS7.4AI score0.81699EPSS

CVE•added 2010/04/14 4:0 p.m.•50 views

CVE-2010-0486

The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a f...

9.3CVSS7.6AI score0.44165EPSS

CVE•added 2011/02/09 1:0 a.m.•50 views

CVE-2011-0087

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validati...

7.2CVSS6.3AI score0.00751EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1881

8.4CVSS6.4AI score0.00759EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1882

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2013/09/11 2:3 p.m.•50 views

CVE-2013-1344

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multi...

7.2CVSS6.2AI score0.01084EPSS

CVE•added 2013/09/11 2:3 p.m.•50 views

CVE-2013-3865

7.2CVSS6.2AI score0.01084EPSS

CVE•added 2010/08/11 6:47 p.m.•49 views

CVE-2010-1897

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local...

7.2CVSS6.2AI score0.01971EPSS

CVE•added 2011/01/07 12:0 p.m.•49 views

CVE-2010-4669

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) mess...

7.8CVSS7.2AI score0.07851EPSS

CVE•added 2011/02/10 4:0 p.m.•49 views

CVE-2011-0033

The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitra...

9.3CVSS7.6AI score0.2718EPSS

CVE•added 2011/02/09 1:0 a.m.•49 views

CVE-2011-0089

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka ...

7.2CVSS6.4AI score0.00859EPSS

CVE•added 2011/04/13 6:55 p.m.•49 views

CVE-2011-0667

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•49 views

CVE-2011-1225

7.2CVSS6.4AI score0.00827EPSS

CVE•added 2011/07/13 11:55 p.m.•49 views

CVE-2011-1283

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and w...

7.2CVSS6.5AI score0.00773EPSS

CVE•added 2011/06/16 8:55 p.m.•49 views

CVE-2011-1868

The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka "DFS Memory Corruption Vulnerability."

10CVSS7.5AI score0.34714EPSS

CVE•added 2013/09/11 2:3 p.m.•49 views

CVE-2013-1342

7.8CVSS6.2AI score0.01084EPSS

CVE•added 2013/09/11 2:3 p.m.•49 views

CVE-2013-1343

7.2CVSS6.2AI score0.01084EPSS

CVE•added 2013/09/11 2:3 p.m.•49 views

CVE-2013-3866

7.2CVSS6.5AI score0.0059EPSS

CVE•added 2009/11/11 7:30 p.m.•48 views

CVE-2009-1928

Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2; Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) o...

7.8CVSS6.4AI score0.68083EPSS

CVE•added 2009/12/13 1:30 a.m.•48 views

CVE-2009-4309

Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI fi...

9.3CVSS7.9AI score0.27797EPSS

CVE•added 2010/02/10 6:30 p.m.•48 views

CVE-2010-0023

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout...

6.9CVSS6.1AI score0.01728EPSS

CVE•added 2010/04/14 4:0 p.m.•48 views

CVE-2010-0235

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulne...

4.7CVSS6AI score0.00887EPSS

CVE•added 2011/02/09 1:0 a.m.•48 views

CVE-2011-0030

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout...

4.7CVSS6.1AI score0.01728EPSS

CVE•added 2011/04/13 6:55 p.m.•48 views

CVE-2011-0660

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Respon...

9.3CVSS7.5AI score0.4891EPSS

CVE•added 2011/04/13 8:26 p.m.•48 views

CVE-2011-1234

7.2CVSS6.4AI score0.00639EPSS

CVE•added 2011/04/13 8:26 p.m.•48 views

CVE-2011-1239

7.2CVSS6.4AI score0.00623EPSS

CVE•added 2011/07/13 11:55 p.m.•48 views

CVE-2011-1883

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2009/11/11 7:30 p.m.•47 views

CVE-2009-1127

win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application that triggers ...

7.2CVSS6.1AI score0.012EPSS

CVE•added 2011/02/09 1:0 a.m.•47 views

CVE-2011-0086

7.2CVSS6.4AI score0.01164EPSS

CVE•added 2011/04/13 8:26 p.m.•47 views

CVE-2011-1235

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•47 views

CVE-2011-1241

7.2CVSS6.4AI score0.0061EPSS

CVE•added 2011/08/10 9:55 p.m.•47 views

CVE-2011-1968

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) wa...

7.1CVSS6.6AI score0.74889EPSS

CVE•added 2012/06/12 10:55 p.m.•47 views

CVE-2012-1867

Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file that triggers incorre...

8.4CVSS6.7AI score0.01124EPSS

CVE•added 2011/02/09 1:0 a.m.•46 views

CVE-2011-0088

7.2CVSS6.3AI score0.00584EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1226

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1228

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1236

7.8CVSS6.5AI score0.01027EPSS

CVE•added 2011/04/13 8:26 p.m.•46 views

CVE-2011-1237

7.2CVSS6.4AI score0.01624EPSS

CVE•added 2011/07/13 11:55 p.m.•46 views

CVE-2011-1878

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2011/07/13 11:55 p.m.•46 views

CVE-2011-1879

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2008/04/08 11:5 p.m.•45 views

CVE-2008-0083

The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors.

9.3CVSS7.1AI score0.46987EPSS

CVE•added 2008/04/08 11:5 p.m.•45 views

CVE-2008-1086

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption.

9.3CVSS7.4AI score0.55129EPSS

Total number of security vulnerabilities230