Windows Server 2008 Security Vulnerabilities and Issues — Windows Server 2008 CVE List

Lucene search

MicrosoftWindows Server 2008

61 matches found

CVE•added 2017/03/17 12:59 a.m.•1208 views

CVE-2017-0147

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory ...

7.5CVSS5.7AI score0.92418EPSS

CVE•added 2017/03/17 12:59 a.m.•1081 views

CVE-2017-0001

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI ...

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2017/03/17 12:59 a.m.•1048 views

CVE-2017-0005

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2017/03/17 12:59 a.m.•1014 views

CVE-2017-0101

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted app...

7.8CVSS6.2AI score0.6193EPSS

CVE•added 2017/03/17 12:59 a.m.•884 views

CVE-2017-0022

Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2 improperly handles objects in memory, allowing attackers to test for fi...

6.5CVSS4.3AI score0.44582EPSS

CVE•added 2017/03/17 12:59 a.m.•325 views

CVE-2017-0055

Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site scripting and run scr...

6.1CVSS5.4AI score0.01387EPSS

CVE•added 2017/03/17 12:59 a.m.•219 views

CVE-2017-0025

The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k E...

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2017/03/17 12:59 a.m.•217 views

CVE-2017-0047

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2017/03/17 12:59 a.m.•144 views

CVE-2017-0108

The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via...

9.3CVSS7AI score0.36288EPSS

CVE•added 2017/03/17 12:59 a.m.•123 views

CVE-2017-0060

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

5.5CVSS4.3AI score0.03112EPSS

CVE•added 2017/03/17 12:59 a.m.•121 views

CVE-2017-0073

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

4.3CVSS4.3AI score0.14618EPSS

CVE•added 2017/03/17 12:59 a.m.•116 views

CVE-2017-0100

A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows HelpPane Elevation o...

7.8CVSS6.2AI score0.30443EPSS

CVE•added 2017/03/17 12:59 a.m.•112 views

CVE-2017-0099

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted applicati...

5.4CVSS5.2AI score0.00651EPSS

CVE•added 2017/03/17 12:59 a.m.•111 views

CVE-2017-0114

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•109 views

CVE-2017-0062

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

4.7CVSS4.3AI score0.14618EPSS

CVE•added 2017/03/17 12:59 a.m.•105 views

CVE-2017-0087

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2...

9.3CVSS7.4AI score0.62388EPSS

CVE•added 2017/03/17 12:59 a.m.•102 views

CVE-2017-0014

The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, ak...

7.6CVSS6.2AI score0.36288EPSS

CVE•added 2017/03/17 12:59 a.m.•97 views

CVE-2017-0045

Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vulnerability."

5.5CVSS5.1AI score0.05478EPSS

CVE•added 2017/03/17 12:59 a.m.•97 views

CVE-2017-0050

The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows Server 2016 does not properly enforce permissions, which allows local users to spoof processes, spoo...

7.8CVSS5.7AI score0.03663EPSS

CVE•added 2017/03/17 12:59 a.m.•96 views

CVE-2017-0056

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win3...

7.8CVSS6AI score0.06734EPSS

CVE•added 2017/03/17 12:59 a.m.•96 views

CVE-2017-0104

The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerability."

9.3CVSS6.1AI score0.34862EPSS

CVE•added 2017/03/17 12:59 a.m.•95 views

CVE-2017-0072

9.3CVSS7.4AI score0.62388EPSS

CVE•added 2017/03/17 12:59 a.m.•91 views

CVE-2017-0116

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•91 views

CVE-2017-0121

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a craft...

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•90 views

CVE-2017-0103

The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability."

7CVSS6AI score0.01188EPSS

CVE•added 2017/03/17 12:59 a.m.•90 views

CVE-2017-0123

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•89 views

CVE-2017-0039

Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."

9.3CVSS6.5AI score0.13525EPSS

CVE•added 2017/03/17 12:59 a.m.•89 views

CVE-2017-0042

Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows Server 2016; Windows Vista SP2; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "Windows...

3.1CVSS3.4AI score0.19033EPSS

CVE•added 2017/03/17 12:59 a.m.•89 views

CVE-2017-0084

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows ...

9.3CVSS7.4AI score0.62388EPSS

CVE•added 2017/03/17 12:59 a.m.•89 views

CVE-2017-0090

9.3CVSS7.4AI score0.62388EPSS

CVE•added 2017/03/17 12:59 a.m.•87 views

CVE-2017-0063

The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to bypass ASL...

6.5CVSS5.4AI score0.18487EPSS

CVE•added 2017/03/17 12:59 a.m.•87 views

CVE-2017-0118

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•86 views

CVE-2017-0074

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "H...

5.4CVSS5.2AI score0.00651EPSS

CVE•added 2017/03/17 12:59 a.m.•85 views

CVE-2017-0076

5.4CVSS5.2AI score0.00651EPSS

CVE•added 2017/03/17 12:59 a.m.•85 views

CVE-2017-0097

5.4CVSS5.2AI score0.00651EPSS

CVE•added 2017/03/17 12:59 a.m.•85 views

CVE-2017-0119

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•83 views

CVE-2017-0083

9.3CVSS7.4AI score0.62388EPSS

CVE•added 2017/03/17 12:59 a.m.•83 views

CVE-2017-0113

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•82 views

CVE-2017-0089

9.3CVSS7.4AI score0.62388EPSS

CVE•added 2017/03/17 12:59 a.m.•81 views

CVE-2017-0043

Active Directory Federation Services in Microsoft Windows 10 1607, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Microsoft Active Directory Federation Services Informati...

5.3CVSS4.4AI score0.05993EPSS

CVE•added 2017/03/17 12:59 a.m.•80 views

CVE-2017-0075

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote...

7.6CVSS6.9AI score0.04458EPSS

CVE•added 2017/03/17 12:59 a.m.•80 views

CVE-2017-0096

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka "Hyp...

2.6CVSS4.3AI score0.01077EPSS

CVE•added 2017/03/17 12:59 a.m.•80 views

CVE-2017-0102

Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 let attackers with access to targets systems gain privileges when Windows fails to properly validate buf...

7.8CVSS6.3AI score0.00687EPSS

CVE•added 2017/03/17 12:59 a.m.•79 views

CVE-2017-0085

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•79 views

CVE-2017-0092

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•79 views

CVE-2017-0109

7.6CVSS6.9AI score0.04458EPSS

CVE•added 2017/03/17 12:59 a.m.•79 views

CVE-2017-0111