Windows Server 2003@* Security Vulnerabilities and Issues — Windows Server 2003@* CVE List

Lucene search

MicrosoftWindows Server 2003*

3 matches found

CVE•added 2007/11/14 1:46 a.m.•65 views

CVE-2007-3898

The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

6.4CVSS6.3AI score0.85355EPSS

CVE•added 2007/08/14 9:17 p.m.•62 views

CVE-2007-3034

Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.

9.3CVSS7.7AI score0.76881EPSS

CVE•added 2007/09/27 7:17 p.m.•50 views

CVE-2007-5133

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.

7.1CVSS6.9AI score0.56087EPSS