Vulnerabilities > Microsoft > Windows 2003 Server > web
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-08-06 | CVE-2004-0202 | Remote Malformed Packet Denial Of Service vulnerability in Microsoft DirectX DirectPlay IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2004-08-06 | CVE-2004-0201 | Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | 10.0 |
2004-06-14 | CVE-2004-0199 | Unspecified vulnerability in Microsoft Windows 2003 Server and Windows XP Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm). | 5.1 |
2004-03-03 | CVE-2003-0825 | Improper Input Validation vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows NT The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. | 9.3 |
2004-03-03 | CVE-2003-0818 | Unspecified vulnerability in Microsoft products Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. | 7.5 |
2003-11-17 | CVE-2003-0717 | Buffer Overrun vulnerability in Microsoft Windows Messenger Service The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 7.5 |
2003-11-17 | CVE-2003-0711 | Buffer Overflow vulnerability in Microsoft Windows Help And Support Center URI Handler Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL. | 7.5 |
2003-11-17 | CVE-2003-0660 | Unspecified vulnerability in Microsoft products The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval. | 7.5 |
2003-11-17 | CVE-2003-0659 | Buffer Overrun vulnerability in Microsoft ListBox/ComboBox Control User32.dll Function Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application. | 7.2 |
2003-10-20 | CVE-2003-0661 | Unspecified vulnerability in Microsoft products The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information. | 5.0 |