Vulnerabilities > Microsoft > Windows 2003 Server > standard
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-12-12 | CVE-2007-3901 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Directx Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file. | 8.5 |
2007-04-30 | CVE-2007-2374 | Remote Code Execution vulnerability in Microsoft Windows Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2006-12-22 | CVE-2006-6696 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem (CSRSS) process, which is not properly handled when invoking the UserHardError and GetHardErrorText functions in WINSRV.DLL. | 6.9 |
2006-09-12 | CVE-2006-0032 | Cross-Site Scripting vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an error message whose charset is set to UTF-7. | 4.3 |
2006-07-06 | CVE-2006-3351 | Denial Of Service vulnerability in Microsoft Windows 2003 Server and Windows XP Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. | 5.4 |
2006-06-13 | CVE-2006-2379 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. | 9.3 |
2006-06-13 | CVE-2006-2378 | Unspecified vulnerability in Microsoft products Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. network microsoft | 6.8 |
2006-06-13 | CVE-2006-2371 | Remote Access RASMAN Registry Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." | 7.5 |
2006-06-13 | CVE-2006-2370 | Remote Access Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." | 7.5 |
2006-06-13 | CVE-2006-1313 | Unspecified vulnerability in Microsoft products Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. network microsoft | 6.8 |