Vulnerabilities > Microsoft > Windows NT > 2003
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-08-27 | CVE-2008-3843 | Cross-Site Scripting vulnerability in Microsoft .Net Framework 1.0/1.1/2.0 Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "<~/" (less-than tilde slash) sequence followed by a crafted STYLE element. | 4.3 |
2008-08-27 | CVE-2008-3842 | Cross-Site Scripting vulnerability in Microsoft .Net Framework 1.0/1.1/2.0 Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "</" (less-than slash) sequence. | 4.3 |
2008-04-14 | CVE-2008-0927 | Resource Management Errors vulnerability in Microsoft Windows-Nt 2000/2003 dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. | 5.0 |