Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftWindows 2003 Serveritanium

15 matches found

CVE
CVEadded 2006/08/09 1:4 a.m.136 views

CVE-2006-3439

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

10CVSS7.3AI score0.88959EPSS
CVE
CVEadded 2006/07/11 9:5 p.m.73 views

CVE-2006-1314

Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size r...

7.5CVSS7.8AI score0.76532EPSS
CVE
CVEadded 2005/10/12 1:4 p.m.62 views

CVE-2005-1979

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality.

5CVSS6.6AI score0.78938EPSS
CVE
CVEadded 2005/10/12 1:4 p.m.59 views

CVE-2005-2119

The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAl...

5CVSS6.2AI score0.58234EPSS
CVE
CVEadded 2005/10/12 1:4 p.m.57 views

CVE-2005-1978

COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.

7.5CVSS7.2AI score0.35539EPSS
CVE
CVEadded 2005/10/12 1:4 p.m.53 views

CVE-2005-1980

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed ...

5CVSS6.4AI score0.68138EPSS
CVE
CVEadded 2005/11/29 9:3 p.m.50 views

CVE-2005-2124

Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "...

7.6CVSS7.5AI score0.76596EPSS
CVE
CVEadded 2005/11/29 9:3 p.m.49 views

CVE-2005-2123

Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as...

7.5CVSS7.6AI score0.63244EPSS
CVE
CVEadded 2006/09/12 11:7 p.m.45 views

CVE-2006-3873

Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the ta...

7.5CVSS7.9AI score0.72358EPSS
CVE
CVEadded 2006/07/31 11:4 p.m.43 views

CVE-2006-3942

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTr...

7.8CVSS6.6AI score0.84208EPSS
CVE
CVEadded 2007/02/13 8:28 p.m.42 views

CVE-2007-0214

The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters.

9.3CVSS7.4AI score0.58096EPSS
CVE
CVEadded 2006/11/14 9:7 p.m.40 views

CVE-2006-3445

Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.

7.5CVSS7.8AI score0.62144EPSS
CVE
CVEadded 2007/04/30 11:19 p.m.39 views

CVE-2007-2374

Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source...

9.3CVSS7.4AI score0.39655EPSS
CVE
CVEadded 2006/07/06 1:5 a.m.37 views

CVE-2006-3351

Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers.

5.4CVSS7.8AI score0.25495EPSS
CVE
CVEadded 2006/12/13 1:28 a.m.35 views

CVE-2006-5585

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."

7.2CVSS6.4AI score0.0074EPSS