Vulnerabilities > Microsoft > Windows 2003 Server > web
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-10 | CVE-2005-1982 | Man In The Middle vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used. | 3.6 |
| 2005-08-10 | CVE-2005-1218 | Remote Desktop Protocol Denial Of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | 5.0 |
| 2005-06-14 | CVE-2005-1214 | Unspecified vulnerability in Microsoft products Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. | 5.1 |
| 2005-06-14 | CVE-2005-1212 | Buffer Overflow vulnerability in Microsoft Step-By-Step Interactive Training Bookmark Link Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. | 7.5 |
| 2005-06-14 | CVE-2005-1208 | Remote Code Execution vulnerability in Microsoft Windows HTML Help Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer. | 10.0 |
| 2005-06-14 | CVE-2005-1205 | Remote Information Disclosure vulnerability in Multiple Vendor Telnet Client The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | 5.0 |
| 2005-05-31 | CVE-2005-0356 | Remote Denial Of Service vulnerability in Multiple Vendor TCP Timestamp PAWS Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | 5.0 |
| 2005-05-18 | CVE-2005-1649 | Denial of Service vulnerability in Microsoft Windows 2003 Server and Windows XP The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016). | 5.0 |
| 2005-05-02 | CVE-2005-1184 | Denial Of Service vulnerability in Multiple Vendor TCP Session Acknowledgement Number The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. | 5.0 |
| 2005-05-02 | CVE-2005-0063 | Remote Code Execution vulnerability in Microsoft Windows Shell The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. | 7.5 |