Windows 2003 Server Security Vulnerabilities and Issues — Windows 2003 Server CVE List

Lucene search

MicrosoftWindows 2003 Server

10 matches found

CVE•added 2010/08/11 6:47 p.m.•114 views

CVE-2010-2550

The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute arbitrary code via a crafted SMB packet, aka "SM...

10CVSS9.3AI score0.81407EPSS

CVE•added 2010/08/11 6:47 p.m.•86 views

CVE-2010-2566

The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary code via a crafted SSL response, aka "SChannel Malf...

9.3CVSS8.1AI score0.21883EPSS

CVE•added 2010/08/16 6:39 p.m.•76 views

CVE-2010-1886

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2, and Windows 7 allow local users to gain privileges by leveraging access to a process with NetworkService credentials, as demonstrated by TAPI Server, SQL Server, and IIS processes, ...

6.8CVSS7.5AI score0.01342EPSS

CVE•added 2010/08/11 6:47 p.m.•71 views

CVE-2010-1895

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly perform memory allocation before copying user-mode data to kernel mode, which allows local users to gain privileges via a crafted application, aka "Win32k Pool Overflow Vu...

7.2CVSS6.2AI score0.01635EPSS

CVE•added 2010/08/11 6:47 p.m.•60 views

CVE-2010-1887

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of ser...

4.4CVSS6.1AI score0.00495EPSS

CVE•added 2010/08/11 6:47 p.m.•59 views

CVE-2010-1882

Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a crafted media file or (2) crafted streaming content, a...

9.3CVSS7.7AI score0.62234EPSS

CVE•added 2010/08/27 7:0 p.m.•58 views

CVE-2010-3147

Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll f...

9.3CVSS6.3AI score0.30114EPSS

CVE•added 2010/08/11 6:47 p.m.•54 views

CVE-2010-1896

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 do not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted appli...

8.4CVSS6.2AI score0.01055EPSS

CVE•added 2010/08/11 6:47 p.m.•51 views

CVE-2010-1894

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly handle unspecified exceptions, which allows local users to gain privileges via a crafted application, aka "Win32k Exception Handling Vulnerability."

7.2CVSS6.4AI score0.0104EPSS

CVE•added 2010/08/11 6:47 p.m.•49 views

CVE-2010-1897

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local...

7.2CVSS6.2AI score0.01971EPSS