Vulnerabilities > Microsoft > Windows 2003 Server
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-21 | CVE-2007-1070 | Stack Buffer Overflow vulnerability in Trend Micro Serverprotect 5.58/5.61/5.62 Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll. | 10.0 |
2007-02-13 | CVE-2007-0214 | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters. | 9.3 |
2007-02-13 | CVE-2007-0211 | Privilege Escalation vulnerability in Microsoft Windows 2003 Server and Windows XP The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of new hardware." | 7.2 |
2007-02-13 | CVE-2007-0026 | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. | 7.6 |
2007-02-13 | CVE-2007-0025 | Code Injection vulnerability in Microsoft Visual Studio .Net and Windows 2003 Server The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. | 9.3 |
2007-02-13 | CVE-2006-1311 | Remote Code Execution vulnerability in Microsoft Office And Microsoft Windows RichEdit Component The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption. | 9.3 |
2007-01-19 | CVE-2007-0351 | Local Security vulnerability in Microsoft Windows Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. | 6.2 |
2006-12-31 | CVE-2006-6902 | Remote Security vulnerability in Microsoft Windows 2003 Server Mobilepocketpc Unspecified vulnerability in the Bluetooth stack in Microsoft Windows Mobile Pocket PC edition allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 10.0 |
2006-12-31 | CVE-2006-6901 | Remote Security vulnerability in Microsoft Windows 2003 Server R2 Unspecified vulnerability in the Bluetooth stack in Microsoft Windows allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 10.0 |
2006-12-22 | CVE-2006-6696 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem (CSRSS) process, which is not properly handled when invoking the UserHardError and GetHardErrorText functions in WINSRV.DLL. | 6.9 |