Windows Server 2008 Security Vulnerabilities and Issues — Windows Server 2008 CVE List

Lucene search

MicrosoftWindows Server 2008

8 matches found

CVE•added 2011/08/10 9:55 p.m.•154 views

CVE-2011-1965

Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server, aka "TCP/IP QOS Denial of Service Vulnerability."

7.1CVSS6.3AI score0.76338EPSS

CVE•added 2011/08/10 9:55 p.m.•97 views

CVE-2011-1966

The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."

10CVSS7.5AI score0.65816EPSS

CVE•added 2011/08/10 9:55 p.m.•65 views

CVE-2011-1967

Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process de...

7.2CVSS6.4AI score0.00214EPSS

CVE•added 2011/08/10 9:55 p.m.•55 views

CVE-2011-1970

The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka "DNS Uninitialized Memory Corruption Vulnerabili...

5CVSS6.6AI score0.61465EPSS

CVE•added 2011/08/10 9:55 p.m.•53 views

CVE-2011-1871

Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability."

7.8CVSS6.4AI score0.74922EPSS

CVE•added 2011/08/10 9:55 p.m.•50 views

CVE-2011-1971

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability."

4.7CVSS5.9AI score0.01221EPSS

CVE•added 2011/08/10 9:55 p.m.•47 views

CVE-2011-1975

Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as de...

9.3CVSS6.4AI score0.56019EPSS

CVE•added 2011/08/10 9:55 p.m.•43 views

CVE-2011-1263

Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability."

4.3CVSS5.7AI score0.64343EPSS