Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows 2003 Server*

230 matches found

CVE
CVEadded 2008/06/12 2:32 a.m.45 views

CVE-2008-1445

Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request.

7.1CVSS6AI score0.58627EPSS
CVE
CVEadded 2010/10/13 7:0 p.m.45 views

CVE-2010-2741

The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Validation Vulnerability."

7.2CVSS6.3AI score0.06844EPSS
CVE
CVEadded 2011/04/13 8:26 p.m.45 views

CVE-2011-0675

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVEadded 2011/07/13 11:55 p.m.45 views

CVE-2011-1884

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.0061EPSS
CVE
CVEadded 2009/12/13 1:30 a.m.44 views

CVE-2009-4310

Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, ...

9.3CVSS7.8AI score0.27797EPSS
CVE
CVEadded 2010/03/03 7:30 p.m.44 views

CVE-2010-0917

Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, l...

7.6CVSS8AI score0.81699EPSS
CVE
CVEadded 2010/10/13 7:0 p.m.44 views

CVE-2010-2740

The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly perform memory allocation during font parsing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Parsing Vulnerability."

7.2CVSS6.3AI score0.19287EPSS
CVE
CVEadded 2011/02/09 1:0 a.m.44 views

CVE-2011-0039

The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain privileges via a request with a crafted length, aka "LSASS Length Validation Vulnerability."

7.2CVSS6.6AI score0.0128EPSS
CVE
CVEadded 2011/04/13 6:55 p.m.44 views

CVE-2011-0665

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVEadded 2011/04/13 8:26 p.m.44 views

CVE-2011-1233

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS
CVE
CVEadded 2007/04/10 11:19 p.m.43 views

CVE-2007-1912

Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.

6.8CVSS7AI score0.21615EPSS
CVE
CVEadded 2008/10/15 12:12 a.m.43 views

CVE-2008-3464

afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted p...

7.2CVSS6.2AI score0.01882EPSS
CVE
CVEadded 2009/12/13 1:30 a.m.43 views

CVE-2009-4311

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615.

9.3CVSS7.2AI score0.2022EPSS
CVE
CVEadded 2009/12/13 1:30 a.m.43 views

CVE-2009-4312

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe.

9.3CVSS7.5AI score0.2022EPSS
CVE
CVEadded 2011/02/09 1:0 a.m.43 views

CVE-2011-0040

The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka...

5CVSS6.6AI score0.40229EPSS
CVE
CVEadded 2011/02/10 4:0 p.m.43 views

CVE-2011-0043

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."

7.2CVSS6.4AI score0.00651EPSS
CVE
CVEadded 2011/04/13 8:26 p.m.43 views

CVE-2011-0674

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVEadded 2011/04/13 8:26 p.m.43 views

CVE-2011-1232

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS
CVE
CVEadded 2012/06/12 10:55 p.m.43 views

CVE-2012-1866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to g...

7.2CVSS6.3AI score0.00872EPSS
CVE
CVEadded 2007/02/13 8:28 p.m.42 views

CVE-2007-0214

The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters.

9.3CVSS7.4AI score0.58096EPSS
CVE
CVEadded 2007/09/12 1:17 a.m.42 views

CVE-2007-3036

Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files."

6.9CVSS6.3AI score0.03161EPSS
CVE
CVEadded 2009/12/13 1:30 a.m.42 views

CVE-2009-4210

The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content.

9.3CVSS7.3AI score0.22332EPSS
CVE
CVEadded 2010/02/26 7:30 p.m.42 views

CVE-2010-0719

An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application.

4.7CVSS6.4AI score0.00416EPSS
CVE
CVEadded 2011/04/13 6:55 p.m.42 views

CVE-2011-0666

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVEadded 2011/06/16 8:55 p.m.41 views

CVE-2011-1264

Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Active Directory Certific...

4.3CVSS5.7AI score0.02977EPSS
CVE
CVEadded 2010/04/14 4:0 p.m.40 views

CVE-2010-0238

Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."

4.9CVSS6AI score0.01209EPSS
CVE
CVEadded 2007/04/30 11:19 p.m.39 views

CVE-2007-2374

Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source...

9.3CVSS7.4AI score0.39655EPSS
CVE
CVEadded 2008/08/13 12:42 p.m.39 views

CVE-2008-1456

Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of function ...

9CVSS7AI score0.55037EPSS
CVE
CVEadded 2010/12/16 7:33 p.m.38 views

CVE-2010-3957

Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Double Free...

7.3CVSS6.4AI score0.04043EPSS
CVE
CVEadded 2007/06/12 8:30 p.m.37 views

CVE-2007-2219

Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via certain parameters to an unspecified function.

9.3CVSS7.5AI score0.58096EPSS
Total number of security vulnerabilities230