Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-03-24 | CVE-2003-0011 | Denial of Service vulnerability in Microsoft ISA Server 2000 Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. | 5.0 |
| 2003-03-24 | CVE-2003-0010 | Heap Overflow vulnerability in Microsoft Windows Script Engine JScript.DLL Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. | 7.5 |
| 2003-03-07 | CVE-2003-0009 | Buffer Overflow vulnerability in Microsoft Windows Help and Support Center Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. network microsoft | 6.8 |
| 2003-02-19 | CVE-2003-1328 | Unspecified vulnerability in Microsoft IE and Internet Explorer The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality." | 7.5 |
| 2003-02-19 | CVE-2003-1326 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." | 7.5 |
| 2003-02-19 | CVE-2003-0004 | Privilege Escalation vulnerability in Microsoft Windows XP Redirector Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. | 7.2 |
| 2003-02-07 | CVE-2003-0007 | Unspecified vulnerability in Microsoft Outlook 2002 Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." | 5.0 |
| 2003-02-07 | CVE-2003-0003 | Buffer Overflow vulnerability in Microsoft Windows Locator Service Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information. | 7.5 |
| 2003-02-07 | CVE-2003-0002 | Cross-Site Scripting vulnerability in Microsoft Content Management Server 2001 Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. network microsoft | 6.8 |
| 2003-01-17 | CVE-2003-0001 | Information Exposure vulnerability in multiple products Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | 5.0 |