Vulnerabilities > Microsoft > Windows 2003 Server > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-21 | CVE-2005-2122 | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to execute arbitrary commands via a shortcut (.lnk) file with long font properties that lead to a buffer overflow in the Client/Server Runtime Server Subsystem (CSRSS), a different vulnerability than CVE-2005-2118. | 10.0 |
2005-06-14 | CVE-2005-1208 | Remote Code Execution vulnerability in Microsoft Windows HTML Help Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. | 10.0 |
2005-05-02 | CVE-2005-0050 | Improper Input Validation vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows NT The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability." | 10.0 |
2005-05-02 | CVE-2005-0551 | Unspecified vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value. | 10.0 |
2005-01-11 | CVE-2004-0897 | Buffer Overflow vulnerability in Microsoft Windows 2003 Server and Windows XP The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 10.0 |
2005-01-10 | CVE-2004-0568 | Unspecified vulnerability in Microsoft products HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | 10.0 |
2005-01-10 | CVE-2004-0571 | Unspecified vulnerability in Microsoft products Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. | 10.0 |
2005-01-10 | CVE-2004-0901 | Unspecified vulnerability in Microsoft products Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. | 10.0 |
2005-01-10 | CVE-2004-1080 | Remote Memory Corruption vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows NT The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." | 10.0 |
2004-11-03 | CVE-2004-0209 | Remote Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | 10.0 |