Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-01-20 | CVE-2003-0904 | Information Exposure vulnerability in Microsoft products Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. | 6.0 |
| 2004-01-05 | CVE-2003-0995 | Denial-Of-Service vulnerability in Windows 2000 Datacenter Server Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request. | 7.5 |
| 2003-12-31 | CVE-2003-1559 | Information Exposure vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | 5.0 |
| 2003-12-31 | CVE-2003-1544 | Denial Of Service vulnerability in Microsoft Windows MSGINA.DLL Read-Lock Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded. | 6.8 |
| 2003-12-31 | CVE-2003-1505 | Unspecified vulnerability in Microsoft Internet Explorer 6 Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved. network microsoft | 4.3 |
| 2003-12-31 | CVE-2003-1484 | Buffer Errors vulnerability in Microsoft IE 6.0 Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute. | 4.3 |
| 2003-12-31 | CVE-2003-1482 | Credentials Management vulnerability in Microsoft Mn-500 Wireless Base Station The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access. | 4.6 |
| 2003-12-31 | CVE-2003-1477 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clearswift Mailsweeper FOR Smtp 4.3.6/4.3.7 MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects." | 7.8 |
| 2003-12-31 | CVE-2003-1472 | Buffer Errors vulnerability in 3D-Ftp 4.0 Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner. | 5.0 |
| 2003-12-31 | CVE-2003-1469 | Information Exposure vulnerability in Macromedia Coldfusion and Coldfusion Professional The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | 5.0 |