Lucene search
+L
MicrosoftWindows 2003 Serversp2

19 matches found

CVE
CVE
added 2009/08/12 5:0 p.m.147 views

CVE-2009-1930

The CVE-2009-1930 entry describes a Telnet Credential Reflection vulnerability in Windows Telnet service. A remote attacker could trigger arbitrary code execution by replaying NTLM credentials from a client to the Telnet server. Affected products include Windows 2000 (SP4), XP (SP2/SP3), Server 2...

10CVSS7.5AI score0.41388EPSS
CVE
CVE
added 2007/04/13 6:0 p.m.117 views

CVE-2007-1748

This CVE refers to a stack-based buffer overflow in the Microsoft DNS Server RPC interface (DnssrvQuery) that can be triggered by a long zone name containing escape sequences, leading to remote code execution. Affected products include Windows 2000 Server and Windows Server 2003 (SP1/SP2). The un...

10CVSS9.6AI score0.79128EPSS
CVE
CVE
added 2007/03/30 8:0 p.m.110 views

CVE-2007-0038

CVE-2007-0038 is a stack-based buffer overflow in Windows’ animated cursor handling (LoadAniIcon) affecting Windows 2000 SP4 through Vista, triggered by malformed RIFF ANI/cur/ico files and causing memory corruption in cursor/icon processing. A remote attacker could execute arbitrary code or caus...

9.3CVSS7.8AI score0.7288EPSS
CVE
CVE
added 2007/06/06 9:0 p.m.92 views

CVE-2007-3091

CVE-2007-3091 is the Internet Explorer cross-domain document switching race-condition vulnerability. The issue occurs in Internet Explorer (notably IE6 SP1 and IE7 on multiple Windows versions) where a page transition can inadvertently reveal or execute content across origins due to a race betwee...

7.1CVSS7.2AI score0.27748EPSS
CVE
CVE
added 2009/06/10 5:37 p.m.87 views

CVE-2009-0229

The CVE-2009-0229 vulnerability affects the Windows Print Spooler across multiple Windows variants (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2). It is a local information-disclosure flaw where a crafted Separator Page enables local users to read arbitrary files ...

4.9CVSS7AI score0.03931EPSS
CVE
CVE
added 2007/04/04 4:0 p.m.81 views

CVE-2007-1215

CVE-2007-1215 is a Local Elevation of Privilege vulnerability in the Graphics Device Interface (GDI) of Windows. The issue arises when rendering certain images with color-related parameters, causing an unchecked buffer/length handling in GDI. A logged-on attacker could potentially gain full contr...

7.2CVSS6.5AI score0.02721EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.76 views

CVE-2009-1929

The CVE-2009-1929 entry maps to MS09-044 vulnerabilities in the Microsoft Remote Desktop Connection/Terminal Services Client ActiveX control. A heap-based buffer overflow in the ActiveX control (versions 5.2 and 6.1) could allow remote code execution when a user connects to a malicious server or ...

9.3CVSS8.1AI score0.34534EPSS
CVE
CVE
added 2007/04/10 9:0 p.m.72 views

CVE-2007-1206

CVE-2007-1206 describes a Windows Kernel local privilege elevation due to incorrect permissions on a mapped memory segment (PAGE_READWRITE) for a physical memory view, enabling an unprivileged user to modify the zero page and gain privileges. Affected systems include Windows NT 4.0; 2000 SP4; XP ...

7.2CVSS6AI score0.02709EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.71 views

CVE-2009-1544

CVE-2009-1544 affects the Windows Workstation (wkssvc) service where improper memory handling during RPC processing (NetrGetJoinInformation) causes a double-free. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2 (Gold), Server 2008 (Gold/SP2). Impact per sources: remote authenticated ...

9CVSS6.5AI score0.20644EPSS
Web
CVE
CVE
added 2008/02/12 8:0 p.m.68 views

CVE-2008-0088

Summary: CVE-2008-0088 describes a denial-of-service in Microsoft Active Directory and ADAM caused by improper validation of crafted LDAP requests. Affected components include Active Directory on Windows 2000 Server and Windows Server 2003, and ADAM on Windows XP/Server 2003. The underlying root ...

6.8CVSS6.3AI score0.28948EPSS
CVE
CVE
added 2007/06/12 7:0 p.m.66 views

CVE-2007-2218

CVE-2007-2218 maps to a heap corruption/remote code execution vulnerability in the Windows Schannel security package. MS07-031 describes an issue where server-sent digital signatures are not adequately checked during the SSL handshake, allowing a remote attacker to execute code (browser or app us...

9.3CVSS7.6AI score0.12544EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.65 views

CVE-2009-1546

CVE-2009-1546 is an AVI parsing vulnerability in Windows where an integer overflow in Avifil32.dll used by the AVI/RIFF handling code can allow remote code execution when a user opens a specially crafted AVI file. The issue affects multiple Windows editions (2000 SP4, XP SP2/SP3, Server 2003 SP2,...

8.5CVSS7.9AI score0.22464EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.64 views

CVE-2009-1545

CVE-2009-1545 is an AVI header parsing vulnerability in Windows affecting Avifil32.dll used by AVI header processing. A remote code execution could occur if a user opens a specially crafted AVI file, with affected OS versions listed as Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista (Gold/SP...

9.3CVSS7.5AI score0.28592EPSS
CVE
CVE
added 2007/04/04 4:0 p.m.62 views

CVE-2007-1211

CVE-2007-1211 is the WMF/GDI-related vulnerability affecting Windows 2000 SP4, XP SP2, and Windows Server 2003 SP1/SP2 where a crafted WMF triggers an invalid dereference in a kernel structure, enabling user-assisted denial of service (potential persistent restart). The CVE is linked to CVE-2005-...

7.1CVSS6.1AI score0.31274EPSS
CVE
CVE
added 2008/01/08 8:0 p.m.62 views

CVE-2007-5352

CVE-2007-5352 is a local privilege-escalation vulnerability in Microsoft Windows LSASS. The root cause is LSASS’s improper handling of specially crafted LPC requests, which could allow a local attacker to execute code with SYSTEM privileges and take full control of the affected system. Affected p...

7.2CVSS6.2AI score0.02571EPSS
CVE
CVE
added 2007/04/10 9:0 p.m.61 views

CVE-2007-1205

CVE-2007-1205 is a remote code execution vulnerability in Microsoft Agent (msagent\agentsvr.exe) on Windows 2000 SP4, Windows XP SP2, and Windows Server 2003 SP1/SP2. The flaw arises from how Microsoft Agent handles certain specially crafted URLs, leading to memory corruption and arbitrary code e...

9.3CVSS7.4AI score0.30914EPSS
CVE
CVE
added 2007/06/04 5:0 p.m.58 views

CVE-2007-2999

CVE-2007-2999 affects Microsoft Windows Server 2003 where time-restricted user accounts produce different error messages for failed logins with valid usernames versus invalid usernames. This behavior enables context-dependent attackers to enumerate valid Active Directory account names. The vulner...

1.8CVSS6.5AI score0.01641EPSS
CVE
CVE
added 2007/04/04 4:0 p.m.56 views

CVE-2007-1212

The CVE-2007-1212 entry concerns a buffer overflow in the Graphics Device Interface (GDI) when processing Enhanced Metafile (EMF) images. Affected products listed in the initial description are Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, SP2; and Windows Vista. The underlying issue is a GDI ...

6.6CVSS6.3AI score0.02129EPSS
CVE
CVE
added 2007/06/12 8:0 p.m.49 views

CVE-2007-2219

CVE-2007-2219 is a remote code-execution flaw in the Win32 API present on Windows 2000 SP4, XP SP2, and Server 2003 SP1/SP2. The vulnerability stems from improper validation of parameters passed to a Win32 API function, enabling an attacker to execute arbitrary code by convincing a user to view a...

9.3CVSS7.5AI score0.31808EPSS