Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2003

74 matches found

CVE
CVEadded 2010/10/13 7:0 p.m.53 views

CVE-2010-2746

Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitr...

7.6CVSS7.8AI score0.69314EPSS
CVE
CVEadded 2010/10/26 10:0 p.m.53 views

CVE-2010-3227

Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 all...

9.3CVSS7.8AI score0.54804EPSS
CVE
CVEadded 2010/05/06 12:47 p.m.52 views

CVE-2010-1735

The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 allows local users to cause a denial of service (system crash) via a 0x4c value in the second argument (aka the Msg argument) of a PostMessage function call for the DDEMLEvent window.

4.9CVSS6.3AI score0.00756EPSS
CVE
CVEadded 2010/09/15 7:0 p.m.52 views

CVE-2010-2738

The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenTy...

9.3CVSS7.3AI score0.25677EPSS
CVE
CVEadded 2010/12/16 7:33 p.m.52 views

CVE-2010-3959

The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType font, aka "OpenType CMAP Table Vulnerability."

6.9CVSS6.4AI score0.30858EPSS
CVE
CVEadded 2010/03/31 7:30 p.m.51 views

CVE-2010-0491

Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.58996EPSS
CVE
CVEadded 2010/08/11 6:47 p.m.51 views

CVE-2010-1894

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly handle unspecified exceptions, which allows local users to gain privileges via a crafted application, aka "Win32k Exception Handling Vulnerability."

7.2CVSS6.4AI score0.0104EPSS
CVE
CVEadded 2010/12/16 7:33 p.m.51 views

CVE-2010-3942

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for copies from user mode, which allows local users to gain privileges via a crafted ...

7.2CVSS6.4AI score0.01575EPSS
CVE
CVEadded 2010/04/14 4:0 p.m.50 views

CVE-2010-0236

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocat...

7.2CVSS6.3AI score0.01547EPSS
CVE
CVEadded 2010/03/03 7:30 p.m.50 views

CVE-2010-0483

vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with ...

7.6CVSS7.4AI score0.81699EPSS
CVE
CVEadded 2010/04/14 4:0 p.m.50 views

CVE-2010-0486

The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a f...

9.3CVSS7.6AI score0.44165EPSS
CVE
CVEadded 2010/08/11 6:47 p.m.49 views

CVE-2010-1897

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local...

7.2CVSS6.2AI score0.01971EPSS
CVE
CVEadded 2010/04/14 4:0 p.m.48 views

CVE-2010-0235

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulne...

4.7CVSS6AI score0.00887EPSS
CVE
CVEadded 2010/09/15 7:0 p.m.48 views

CVE-2010-2567

The RPC client implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly allocate memory during the parsing of responses, which allows remote RPC servers and man-in-the-middle attackers to execute arbitrary code via a malformed response, aka "RPC Memory Corruption Vul...

9.3CVSS7.6AI score0.26873EPSS
CVE
CVEadded 2010/09/15 7:0 p.m.47 views

CVE-2010-2563

The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse malformed structures in Word 97 documents, which allows remote attackers to execute arbitrary code via a crafted document containing an unspecified value that is...

9.3CVSS7.5AI score0.33034EPSS
CVE
CVEadded 2010/10/13 7:0 p.m.45 views

CVE-2010-2741

The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Validation Vulnerability."

7.2CVSS6.3AI score0.06844EPSS
CVE
CVEadded 2010/08/27 7:0 p.m.45 views

CVE-2010-3144

Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demonstrated by a directory that contains an ISP or IN...

9.3CVSS6.5AI score0.26525EPSS
CVE
CVEadded 2010/03/03 7:30 p.m.44 views

CVE-2010-0917

Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbitrary code via a long string in the fourth argument (aka helpfile argument) to the MsgBox function, l...

7.6CVSS8AI score0.81699EPSS
CVE
CVEadded 2010/10/13 7:0 p.m.44 views

CVE-2010-2740

The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly perform memory allocation during font parsing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Parsing Vulnerability."

7.2CVSS6.3AI score0.19287EPSS
CVE
CVEadded 2010/11/04 7:0 p.m.44 views

CVE-2010-4182

Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Professional SP3, Windows Server 2003 R2 Enterprise Edition SP3, Windows Vista Business SP1, and Windows 7 Professional allows local users, and possibly remote attackers, to execute arb...

9.3CVSS7.4AI score0.3316EPSS
CVE
CVEadded 2010/09/15 7:0 p.m.43 views

CVE-2010-1891

The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2, when a Chinese, Japanese, or Korean locale is enabled, does not properly allocate memory for transactions, which allows local users to gain privileges via a crafted applic...

6.9CVSS6.6AI score0.00473EPSS
CVE
CVEadded 2010/04/14 4:0 p.m.40 views

CVE-2010-0238

Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."

4.9CVSS6AI score0.01209EPSS
CVE
CVEadded 2010/09/15 7:0 p.m.38 views

CVE-2010-0818

The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attackers to execute arbitrary code via a file in an unsp...

9.3CVSS7.6AI score0.29882EPSS
CVE
CVEadded 2010/12/16 7:33 p.m.38 views

CVE-2010-3957

Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Double Free...

7.3CVSS6.4AI score0.04043EPSS
Total number of security vulnerabilities74