Vulnerabilities > Microsoft > Windows 2003 Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-12-13 | CVE-2009-4313 | Buffer Errors vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file. | 9.3 |
| 2009-12-13 | CVE-2009-4312 | Code Injection vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe. | 9.3 |
| 2009-12-13 | CVE-2009-4311 | Code Injection vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. | 9.3 |
| 2009-12-13 | CVE-2009-4310 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file. | 9.3 |
| 2009-12-13 | CVE-2009-4309 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. | 9.3 |
| 2009-12-13 | CVE-2009-4210 | Code Injection vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content. | 9.3 |
| 2009-12-09 | CVE-2009-3675 | Resource Management Errors vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability." | 6.8 |
| 2009-10-14 | CVE-2009-2527 | Buffer Errors vulnerability in Microsoft Windows Media Player 6.4 Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability." | 9.3 |
| 2009-10-14 | CVE-2009-2507 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability." | 9.3 |
| 2009-08-12 | CVE-2009-1924 | Numeric Errors vulnerability in Microsoft Windows 2000 and Windows 2003 Server Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability." | 9.3 |