Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-11-17 | CVE-2003-0717 | Buffer Overrun vulnerability in Microsoft Windows Messenger Service The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 7.5 |
| 2003-11-17 | CVE-2003-0714 | Resource Exhaustion vulnerability in Microsoft Exchange Server 2000/5.5 The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000. | 7.5 |
| 2003-11-17 | CVE-2003-0711 | Buffer Overflow vulnerability in Microsoft Windows Help And Support Center URI Handler Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL. | 7.5 |
| 2003-11-17 | CVE-2003-0660 | Unspecified vulnerability in Microsoft products The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval. | 7.5 |
| 2003-11-17 | CVE-2003-0659 | Buffer Overrun vulnerability in Microsoft ListBox/ComboBox Control User32.dll Function Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application. | 7.2 |
| 2003-11-17 | CVE-2002-1569 | gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file. | 7.5 |
| 2003-11-17 | CVE-2001-1411 | Local Security vulnerability in Apple mac OS X 10.4.9 Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | 7.2 |
| 2003-11-04 | CVE-2003-1141 | Remote Buffer Overrun vulnerability in Network Instruments Niprint Lpd-Lpr Print Server 4.10 Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515. | 7.5 |
| 2003-11-03 | CVE-2003-1196 | SQL Injection vulnerability in Vienuke Vieboard 2.6/2.6Beta1 SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | 7.5 |
| 2003-11-03 | CVE-2003-1193 | SQL Injection vulnerability in Oracle9iAS Portal Component Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL. | 7.5 |