Vulnerabilities > Microsoft > Windows 2003 Server > enterprise
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-04-30 | CVE-2007-2374 | Remote Code Execution vulnerability in Microsoft Windows Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2006-07-06 | CVE-2006-3351 | Denial Of Service vulnerability in Microsoft Windows 2003 Server and Windows XP Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. | 5.4 |
2006-06-13 | CVE-2006-2379 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. | 9.3 |
2006-05-10 | CVE-2006-1184 | Buffer Overflow vulnerability in Microsoft Windows MSDTC Heap Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. | 5.0 |
2006-05-10 | CVE-2006-0034 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. | 7.5 |
2006-04-12 | CVE-2006-0012 | Remote Code Execution vulnerability in Microsoft Windows Shell COM Object Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." | 5.1 |
2006-04-03 | CVE-2006-1591 | Heap Overflow vulnerability in Microsoft Windows Help Image Processing Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. | 5.1 |
2006-02-14 | CVE-2006-0021 | Buffer Errors vulnerability in Microsoft Windows 2003 Server and Windows XP Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability." | 7.8 |
2006-02-14 | CVE-2006-0013 | Buffer Overflow vulnerability in Microsoft Windows 2003 Server and Windows XP Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207. | 6.5 |
2006-02-14 | CVE-2006-0008 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Office, Windows 2003 Server and Windows XP The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. | 7.2 |