Windows 2003 Server Security Vulnerabilities and Issues — Windows 2003 Server CVE List

Lucene search

MicrosoftWindows 2003 Server

10 matches found

CVE•added 2005/10/21 6:2 p.m.•90 views

CVE-2005-2117

Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code.

5.1CVSS7.2AI score0.61908EPSS

CVE•added 2005/10/21 6:2 p.m.•67 views

CVE-2005-2118

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explo...

5.1CVSS7.9AI score0.65565EPSS

CVE•added 2005/10/12 1:4 p.m.•62 views

CVE-2005-1979

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality.

5CVSS6.6AI score0.78938EPSS

CVE•added 2005/10/12 1:4 p.m.•59 views

CVE-2005-2119

The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAl...

5CVSS6.2AI score0.58234EPSS

CVE•added 2005/10/12 1:4 p.m.•57 views

CVE-2005-1978

COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.

7.5CVSS7.2AI score0.35539EPSS

CVE•added 2005/10/12 1:4 p.m.•53 views

CVE-2005-1980

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed ...

5CVSS6.4AI score0.68138EPSS

CVE•added 2005/10/21 6:2 p.m.•50 views

CVE-2005-2126

The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filen...

2.6CVSS6.7AI score0.61694EPSS

CVE•added 2005/10/21 6:2 p.m.•47 views

CVE-2005-2122

Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability th...

10CVSS7.9AI score0.65565EPSS

CVE•added 2005/10/13 10:2 a.m.•46 views

CVE-2005-1985

The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.

7.5CVSS7.6AI score0.58178EPSS

CVE•added 2005/10/06 10:2 a.m.•38 views

CVE-2005-3177

CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, whic...

4.6CVSS6.9AI score0.0104EPSS