Windows Server 2003 Security Vulnerabilities and Issues — Page 2 of Windows Server 2003 CVE List

Lucene search

MicrosoftWindows Server 2003

60 matches found

CVE•added 2009/12/09 6:30 p.m.•47 views

CVE-2009-2508

The single sign-on implementation in Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly remove credentials at the end of a network session, which allows physically proximate attackers to obtain the credentials of a previou...

6.9CVSS6.1AI score0.00766EPSS

CVE•added 2009/08/03 2:30 p.m.•47 views

CVE-2009-2653

The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor ...

4.6CVSS6.8AI score0.01841EPSS

CVE•added 2009/10/14 10:30 a.m.•46 views

CVE-2009-2529

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."

9.3CVSS7.2AI score0.26343EPSS

CVE•added 2009/12/09 6:30 p.m.•46 views

CVE-2009-3673

Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3CVSS7.4AI score0.57317EPSS

CVE•added 2009/03/10 8:30 p.m.•45 views

CVE-2009-0083

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers use of a crafted pointer, aka "Windows Kernel Invalid Pointer Vulnerability."

7.2CVSS6.3AI score0.00967EPSS

CVE•added 2009/06/10 6:0 p.m.•45 views

CVE-2009-1139

Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (memory consumption and service outage) via (1) LDA...

7.8CVSS6.6AI score0.59258EPSS

CVE•added 2009/07/15 3:30 p.m.•45 views

CVE-2009-1538

The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 performs updates to pointers without properly validating unspecified data values, which allows remote attackers to execute arb...

9.3CVSS7.6AI score0.64488EPSS

CVE•added 2009/09/08 10:30 p.m.•45 views

CVE-2009-2519

The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component A...

9.3CVSS7.3AI score0.37434EPSS

CVE•added 2009/10/14 10:30 a.m.•44 views

CVE-2009-2515

Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka "...

7.2CVSS6.1AI score0.01635EPSS

CVE•added 2009/08/12 5:30 p.m.•41 views

CVE-2009-1922

The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MS...

6.9CVSS6.3AI score0.0158EPSS

Total number of security vulnerabilities60