Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-06-09 | CVE-2003-0306 | Local Security vulnerability in Windows XP Gold Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter. | 7.2 |
2003-06-09 | CVE-2003-0227 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows 2000 and Windows NT The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. | 5.0 |
2003-06-09 | CVE-2003-0226 | Unspecified vulnerability in Microsoft Internet Information Services 5.0 Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial of service via a long WebDAV request with a (1) PROPFIND or (2) SEARCH method, which generates an error condition that is not properly handled. | 5.0 |
2003-06-09 | CVE-2003-0225 | Unspecified vulnerability in Microsoft products The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page. | 5.0 |
2003-06-09 | CVE-2003-0224 | Unspecified vulnerability in Microsoft Internet Information Services 5.0 Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun." | 10.0 |
2003-06-09 | CVE-2003-0223 | Unspecified vulnerability in Microsoft products Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message. network microsoft | 6.8 |
2003-06-09 | CVE-2002-1564 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. | 5.0 |
2003-05-27 | CVE-2003-0228 | Unspecified vulnerability in Microsoft Windows Media Player 7.1 Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location. | 7.5 |
2003-05-12 | CVE-2003-0233 | Unspecified vulnerability in Microsoft IE and Internet Explorer Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. | 7.5 |
2003-05-12 | CVE-2003-0118 | Unspecified vulnerability in Microsoft Biztalk Server 2000/2002 SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement. | 7.5 |