Lucene search
K
MicrosoftWindows 2003 Serverdatacenter 64-bit

19 matches found

CVE
CVE
added 2006/01/10 10:0 p.m.138 views

CVE-2006-0010

CVE-2006-0010 describes a heap-based buffer overflow in T2EMBED.DLL on Windows platforms (Windows 98/ME, Windows 2000 SP4, Windows XP SP1/SP2, Windows Server 2003 up to SP1). The overflow is triggered while Windows decompresses Embedded Open Type (EOT) fonts referenced by web pages or email, allo...

9.3CVSS7.7AI score0.32189EPSS
CVE
CVE
added 2006/06/13 7:0 p.m.80 views

CVE-2006-2379

CVE-2006-2379 describes a buffer overflow in the Windows TCP/IP Protocol driver related to IP source routing. Affected products include Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1 and earlier. The root cause is an unchecked buffer length when processing IP source routing packets, potentiall...

9.3CVSS7.7AI score0.58027EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.75 views

CVE-2004-0893

This CVE describes two privilege-elevation flaws in Windows components from 2004: (1) the Local Procedure Call (LPC) interface in the Windows kernel fails to validate message lengths, enabling a locally-authenticated attacker to gain full control; and (2) LSASS validates identity tokens improperl...

7.2CVSS6.6AI score0.01514EPSS
CVE
CVE
added 2005/06/15 4:0 a.m.74 views

CVE-2005-1208

CVE-2005-1208 describes a remote code execution vulnerability in Microsoft HTML Help (CHM/InfoTech Storage protocols like ms-its, ms-itss, its, mk:@MSITStore). The root cause is an integer overflow/heap-based buffer overflow when processing crafted CHM content with a large size field, exploitable...

10CVSS7.9AI score0.4715EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.73 views

CVE-2004-0568

HyperTerminal for Windows NT 4.0/2000/XP/Server 2003 contains a buffer overflow in session file handling due to improper validation of a value’s length. This allows a remote attacker to execute arbitrary code when a user opens a malicious HyperTerminal session file (.ht), or follows a web/Telnet ...

10CVSS7.9AI score0.35155EPSS
CVE
CVE
added 2005/08/10 4:0 a.m.71 views

CVE-2005-1218

CVE-2005-1218 describes a denial-of-service in the Microsoft Windows Remote Desktop Protocol (RDP) service affecting Windows 2000/XP/Server 2003. Root cause: an input-validation flaw in how RDP messages are processed, which could allow a remote attacker to crash the RDP service by sending a craft...

5CVSS6.4AI score0.61183EPSS
CVE
CVE
added 2006/04/12 12:0 a.m.71 views

CVE-2006-0012

CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...

5.1CVSS7.5AI score0.24069EPSS
CVE
CVE
added 2006/02/14 7:0 p.m.71 views

CVE-2006-0013

Mode C: Affected software and root cause: Microsoft Windows XP SP1/SP2 and Windows Server 2003 up to SP1 with the Web Client service (WebClnt.dll) are vulnerable. The issue is an unchecked buffer in the Web Client service that handles WebDAV/RPC messages, enabling remote code execution. Impact: a...

6.5CVSS7.4AI score0.34854EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.69 views

CVE-2004-0894

CVE-2004-0894 is a local elevation-of-privilege issue in LSASS on Microsoft Windows 2000 Server and Windows Server 2003. The vulnerability stems from incomplete validation of connection information by LSASS, allowing a locally authenticated user to gain complete control of the system by running a...

7.2CVSS6.5AI score0.03629EPSS
CVE
CVE
added 2005/05/18 4:0 a.m.68 views

CVE-2005-1649

CVE-2005-1649 affects Windows XP SP2, Windows Server 2003 SP1, and Longhorn. It describes a LAND-like denial-of-service vector in IPv6 TCP/IP where a crafted TCP SYN packet uses the same source and destination IP and port, causing high CPU or unresponsiveness. The vulnerability is a variant of CV...

5CVSS6.5AI score0.21776EPSS
CVE
CVE
added 2006/02/14 7:0 p.m.66 views

CVE-2006-0008

The CVE-2006-0008 issue affects the Korean Input Method Editor (IME) on Windows XP SP1/SP2, Windows Server 2003 up to SP1, and Office 2003. A privilege-elevation flaw exists in the Korean IME; an attacker who can log on (locally or via Remote Desktop/Terminal Services) could exploit the ShellAbou...

7.2CVSS6.4AI score0.01657EPSS
CVE
CVE
added 2006/02/14 7:0 p.m.65 views

CVE-2006-0021

The CVE-2006-0021 issue affects Microsoft Windows TCP/IP implementation on Windows XP SP1/SP2 and Windows Server 2003 up to SP1, where a specially crafted IGMPv3 packet can trigger a denial‑of‑service (system hang). Root cause: failure to properly validate IGMP packets in the TCP/IP stack, allowi...

7.8CVSS6.4AI score0.62882EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.61 views

CVE-2004-1306

The connected advisories confirm a heap-based buffer overflow in winhlp32.exe that can be triggered by a crafted .hlp file, exposing remote code execution on affected Windows versions: Windows NT, Windows 2000 (SP4), Windows XP (SP2), and Windows Server 2003. Root cause: unsafe handling during ph...

5.1CVSS8AI score0.34537EPSS
CVE
CVE
added 2005/06/14 4:0 a.m.58 views

CVE-2005-1214

CVE-2005-1214 involves a spoofing flaw in Microsoft Agent that could allow remote attackers to impersonate trusted Internet content and potentially execute arbitrary code when a user visits a malicious Web page. Connected docs confirm the vulnerability (CAN-2005-1214) exists in Microsoft Agent an...

5.1CVSS7.5AI score0.12773EPSS
CVE
CVE
added 2005/04/19 4:0 a.m.57 views

CVE-2005-1184

The CVE-2005-1184 entry describes a DoS in the TCP/IP stack across multiple operating systems: a remote attacker sends a TCP packet with the correct sequence number but an incorrect Acknowledgement number, triggering a flood of keep-alive packets and CPU consumption. The impact is listed as Parti...

5CVSS6.9AI score0.36998EPSS
CVE
CVE
added 2005/06/14 4:0 a.m.57 views

CVE-2005-1212

CVE-2005-1212 is a buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe). A crafted bookmark link file with a long User field in extensions .cbo/.cbl/.cbm allows remote code execution, running with the caller’s privileges. The issue affects Step-by-Step Interactive Training ...

7.5CVSS7.8AI score0.24804EPSS
CVE
CVE
added 2005/07/27 4:0 a.m.55 views

CVE-2005-2388

CVE-2005-2388 describes a buffer overflow in a USB driver used on Microsoft Windows that could allow an attacker to execute arbitrary code. The provided documents do not specify the affected product name, exact driver version, or root cause details beyond the general buffer overflow. Exploit info...

7.2CVSS7.8AI score0.01796EPSS
CVE
CVE
added 2006/01/09 8:0 p.m.55 views

CVE-2006-0143

The Connected advisory CPAI-2006-171 documents a denial-of-service flaw in Microsoft Windows’ Graphics Rendering Engine (GRE) when parsing certain WMF files. Specifically, a crafted WMF with ExtCreateRegion or ExtEscape calls can trigger a memory read/parse error in GRE, causing the host applicat...

7.5CVSS6.7AI score0.39042EPSS
CVE
CVE
added 2006/07/06 1:0 a.m.51 views

CVE-2006-3351

CVE-2006-3351 is a Windows Explorer vulnerability (explorer.exe) affecting Windows XP/2003 where parsing of .url files with InternetShortcut tags can overflow the stack. A crafted .url file containing a long URL and many file: specifiers may trigger a denial of service and possibly arbitrary code...

5.4CVSS7.8AI score0.06933EPSS