Vulnerabilities > Microsoft > Windows 2003 Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-25 | CVE-2012-3324 | Path Traversal vulnerability in IBM DB2 and DB2 Connect Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field. | 9.0 |
| 2012-05-24 | CVE-2012-1821 | Unspecified vulnerability in Symantec Endpoint Protection The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic. | 5.0 |
| 2012-05-02 | CVE-2012-2006 | Remote Security vulnerability in HP Insight Management Agents Unspecified Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors. | 4.9 |
| 2012-05-02 | CVE-2012-2005 | Cross-Site Scripting vulnerability in HP Insight Management Agents Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-05-02 | CVE-2012-2004 | Improper Input Validation vulnerability in HP Insight Management Agents Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 8.3 |
| 2012-05-02 | CVE-2012-2003 | Cross-Site Request Forgery (CSRF) vulnerability in HP Insight Management Agents Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2012-02-02 | CVE-2010-4562 | Information Exposure vulnerability in Microsoft products Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. | 4.3 |
| 2011-12-16 | CVE-2011-4856 | Unspecified vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/health/parameters and certain other files. | 9.3 |
| 2011-12-16 | CVE-2011-4855 | Unspecified vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/customer-service-plan/list/reset-search/true/ and certain other files. | 9.3 |
| 2011-12-16 | CVE-2011-4854 | Unspecified vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corresponding Content-Type data in HTML META elements, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving the get_enabled_product_icon program. | 9.3 |