Vulnerabilities > Microsoft > Windows 2003 Server > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-14 | CVE-2015-2367 | Information Exposure vulnerability in Microsoft products win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from uninitialized kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability." | 2.1 |
| 2015-07-14 | CVE-2015-2374 | Information Exposure vulnerability in Microsoft products The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon." | 3.3 |
| 2007-10-01 | CVE-2007-5143 | Unspecified vulnerability in F-Secure Anti-Virus 7.00 F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. | 1.9 |
| 2007-06-04 | CVE-2007-2999 | Unspecified vulnerability in Microsoft Windows 2003 Server Gold/Sp1/Sp2 Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account names. high complexity microsoft | 1.8 |
| 2007-03-20 | CVE-2007-1537 | Local Privilege Escalation vulnerability in Microsoft Windows 2003 Server and Windows XP \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function. | 3.6 |
| 2006-08-10 | CVE-2006-4071 | Remote Denial of Service vulnerability in Microsoft Windows 2003 Server and Windows XP Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service (application crash) via a crafted WMF file. | 2.6 |
| 2006-02-01 | CVE-2006-0488 | Denial-Of-Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm. | 2.1 |
| 2005-10-21 | CVE-2005-2126 | Unspecified vulnerability in Microsoft products The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames. | 2.6 |
| 2005-09-01 | CVE-2005-2765 | Local Security vulnerability in Microsoft Windows 2003 Server and Windows XP The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. | 2.1 |
| 2005-08-10 | CVE-2005-1981 | Unspecified vulnerability in Microsoft Windows 2000 and Windows 2003 Server Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers allows remote authenticated users to cause a denial of service (system crash) via a crafted Kerberos message. | 2.1 |