Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-11-17 | CVE-2003-0717 | Buffer Overrun vulnerability in Microsoft Windows Messenger Service The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 7.5 |
| 2003-11-17 | CVE-2003-0714 | Resource Exhaustion vulnerability in Microsoft Exchange Server 2000/5.5 The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000. | 7.5 |
| 2003-11-17 | CVE-2003-0712 | Cross-Site Scripting vulnerability in Microsoft Exchange Server 5.5 Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script. | 4.3 |
| 2003-11-17 | CVE-2003-0711 | Buffer Overflow vulnerability in Microsoft Windows Help And Support Center URI Handler Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL. | 7.5 |
| 2003-11-17 | CVE-2003-0662 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows 2000 Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method. | 9.3 |
| 2003-11-17 | CVE-2003-0660 | Unspecified vulnerability in Microsoft products The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval. | 7.5 |
| 2003-11-17 | CVE-2003-0659 | Buffer Overrun vulnerability in Microsoft ListBox/ComboBox Control User32.dll Function Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application. | 7.2 |
| 2003-10-20 | CVE-2003-0666 | Unspecified vulnerability in Microsoft Wordperfect Converter Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file. | 7.5 |
| 2003-10-20 | CVE-2003-0665 | Buffer Overflow vulnerability in Microsoft Access 2000/2002/97 Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control. | 7.5 |
| 2003-10-20 | CVE-2003-0664 | Unspecified vulnerability in Microsoft Word and Works Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document. | 7.5 |