Vulnerabilities > Microsoft > Windows 2003 Server > r2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-21 | CVE-2005-2118 | Remote Code Execution Variant vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122. | 5.1 |
2005-10-21 | CVE-2005-2117 | Unspecified vulnerability in Microsoft products Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code. | 5.1 |
2005-10-13 | CVE-2005-1985 | Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages. | 7.5 |
2005-10-12 | CVE-2005-2119 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer. | 5.0 |
2005-10-12 | CVE-2005-1980 | Denial Of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability." | 5.0 |
2005-10-12 | CVE-2005-1979 | Denial Of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality. | 5.0 |
2005-10-12 | CVE-2005-1978 | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. | 7.5 |
2005-10-06 | CVE-2005-3177 | Local Security vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed. | 4.6 |
2005-08-10 | CVE-2005-1984 | Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. | 7.5 |
2005-08-10 | CVE-2005-1982 | Man In The Middle vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used. | 3.6 |