Vulnerabilities > Microsoft > Windows 2003 Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-12 | CVE-2008-0088 | Improper Input Validation vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request. | 6.8 |
| 2008-01-08 | CVE-2007-5352 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unspecified vulnerability in Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows local users to gain privileges via a crafted local procedure call (LPC) request. | 7.2 |
| 2008-01-08 | CVE-2007-0069 | Remote Buffer Overflow vulnerability in Microsoft Windows 2003 Server, Windows Vista and Windows XP Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka "Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability." | 9.3 |
| 2008-01-08 | CVE-2007-0066 | Unspecified vulnerability in Microsoft products The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability." network microsoft | 7.1 |
| 2007-12-12 | CVE-2007-3901 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file. | 8.5 |
| 2007-12-12 | CVE-2007-3895 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file. | 9.3 |
| 2007-12-12 | CVE-2007-0064 | Buffer Errors vulnerability in Microsoft products Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | 9.3 |
| 2007-11-20 | CVE-2007-6026 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. | 9.3 |
| 2007-11-14 | CVE-2007-3898 | Configuration vulnerability in Microsoft products The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors. | 6.4 |
| 2007-10-19 | CVE-2007-5587 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Macrovision Safedisc Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild. | 6.9 |