Lucene search
K
MicrosoftWindows 2003 Serveritanium

15 matches found

CVE
CVE
added 2006/08/09 1:0 a.m.181 views

CVE-2006-3439

CVE-2006-3439 is a buffer overflow in the Server Service (SRVSVC) RPC interface that can be triggered by malformed parameters to SRVSVC API functions, enabling remote code execution on affected Windows versions. Public context from connected docs shows exploits and disclosures tied to MS06-040, a...

10CVSS7.3AI score0.85461EPSS
CVE
CVE
added 2006/07/11 9:0 p.m.97 views

CVE-2006-1314

CVE-2006-1314 is a heap-based buffer overflow in the Windows Server Service (SRV.SYS) that affects Windows 2000 SP4, XP SP1/SP2, and Server 2003 (up to SP1). The vulnerability allows remote code execution via crafted first-class Mailslot messages, triggering memory corruption and bypassing size r...

7.5CVSS7.8AI score0.64231EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.78 views

CVE-2005-1979

CVE-2005-1979 affects the Microsoft Distributed Transaction Coordinator (MSDTC) TIP handling. A denial-of-service can occur when a remote attacker sends a crafted TIP message, potentially terminating MSDTC and affecting dependent services. The issue is mitigated by MS05-051 updates across Windows...

5CVSS6.6AI score0.36279EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.78 views

CVE-2005-2119

Mode C: CVE-2005-2119 is discussed in connected docs as a MSDTC DoS variant: remote attackers can crash MSDTC by sending a BuildContextW request with a large UuidString or GuidIn, causing out-of-range memory access. It notes this is a variant of CVE-2005-2119 and affects the Microsoft Distributed...

5CVSS6.2AI score0.39128EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.71 views

CVE-2005-1978

CAN-2005-1978 pertains to a COM+ vulnerability in Windows (MS04-era MS05-051 context) where the COM+ component creates/uses memory structures in a way that could allow remote code execution and local privilege escalation. The linked MS05-051 bulletin confirms affected platforms include Windows 20...

7.5CVSS7.2AI score0.56856EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.65 views

CVE-2005-1980

CVE-2005-1980 corresponds to the MSDTC TIP Denial of Service vulnerability described in Microsoft Security Bulletin MS05-051 (CAN-2005-1980). The flaw affects MSDTC TIP processing, enabling a remote attacker to cause the DTC service to stop responding by sending a crafted TIP message. Microsoft l...

5CVSS6.4AI score0.47338EPSS
CVE
CVE
added 2005/11/29 9:0 p.m.63 views

CVE-2005-2124

The CVE-2005-2124 entry concerns a vulnerability in the Windows Graphics Rendering Engine (GDI32.DLL) affecting Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. The flaw stems from an unchecked buffer in WMF handling, enabling remote code execution via a crafted Windows Metafile image. Exploita...

7.6CVSS7.5AI score0.59625EPSS
CVE
CVE
added 2006/09/12 11:0 p.m.62 views

CVE-2006-3873

CVE-2006-3873 describes a heap-based buffer overflow in URLMON.DLL of Microsoft Internet Explorer 6 SP1 on Windows 2000/XP SP1, exploitable via a long URL in a GZIP-compressed HTTP-redirected web page. The issue is tied to an incomplete fix for CVE-2006-3869 and is mitigated by applying the MS06-...

7.5CVSS7.9AI score0.2857EPSS
CVE
CVE
added 2005/11/29 9:0 p.m.61 views

CVE-2005-2123

CVE-2005-2123 affects the Windows GDI32.DLL Graphics Rendering Engine, with heap-based buffer overflows triggered by crafted WMF/EMF image data. Affected systems include Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. Root cause is overflow/unchecked size handling in image rendering, enabling ...

7.5CVSS7.6AI score0.6508EPSS
CVE
CVE
added 2006/07/31 11:0 p.m.58 views

CVE-2006-3942

CVE-2006-3942 is a denial-of-service vulnerability in the Windows Server Service (SRV.SYS) affecting Windows NT 4.0, 2000, XP, and Server 2003. A crafted SMB_COM_TRANSACTION SMB message containing a non-terminated string can cause a NULL dereference in ExecuteTransaction, crashing the system. The...

7.8CVSS6.6AI score0.75742EPSS
CVE
CVE
added 2007/02/13 8:0 p.m.54 views

CVE-2007-0214

CVE-2007-0214 affects the HTML Help ActiveX control (hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2/Professional, and Windows Server 2003 SP1. The vulnerability arises from improper input validation in HTML Help ActiveX methods, leading to a remote code execution flaw if a user visits a specia...

9.3CVSS7.4AI score0.26374EPSS
CVE
CVE
added 2007/04/30 11:0 p.m.53 views

CVE-2007-2374

Technical details are not publicly available in the provided documents; no affected products, vulnerable components, vectors, or fixes are specified. Monitor for updates.

9.3CVSS7.4AI score0.17432EPSS
CVE
CVE
added 2006/11/14 9:0 p.m.52 views

CVE-2006-3445

Summary (CVE-2006-3445) : A memory corruption and heap-based overflow exists in Microsoft Agent when processing specially crafted .ACF files. The flaw occurs in the ReadWideString handling within agentdpv.dll and can be triggered via a remote attack, typically by convincing a user to view a malic...

7.5CVSS7.8AI score0.40143EPSS
CVE
CVE
added 2006/07/06 1:0 a.m.51 views

CVE-2006-3351

CVE-2006-3351 is a Windows Explorer vulnerability (explorer.exe) affecting Windows XP/2003 where parsing of .url files with InternetShortcut tags can overflow the stack. A crafted .url file containing a long URL and many file: specifiers may trigger a denial of service and possibly arbitrary code...

5.4CVSS7.8AI score0.06933EPSS
CVE
CVE
added 2006/12/13 1:0 a.m.51 views

CVE-2006-5585

CVE-2006-5585 is a local privilege-elevation vulnerability in the Client-Server Run-time Subsystem (CSRSS) of Microsoft Windows XP SP2 and Windows Server 2003. The issue arises from improper processing/validation of embedded file manifests by CSRSS, which could let a logged-on attacker run a craf...

7.2CVSS6.4AI score0.01692EPSS