* * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2011-0654	119	1	DoS Exec Code Overflow	2011-02-16	2019-02-26	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information.
2	CVE-2010-4669	399		DoS	2011-01-07	2017-08-17	7.8	None	Remote	Low	Not required	None	None	Complete
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package.
3	CVE-2010-4562	200		+Info	2012-02-02	2012-02-03	4.3	None	Remote	Medium	Not required	Partial	None	None
Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. NOTE: due to a typo, some sources map CVE-2010-4562 to a ProFTPd mod_sql vulnerability, but that issue is covered by CVE-2010-4652.
4	CVE-2010-4398	119	1	Overflow +Priv Bypass	2010-12-06	2018-10-12	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability."
5	CVE-2010-0719	20		DoS	2010-02-26	2017-08-17	4.7	None	Local	Medium	Not required	None	None	Complete
An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application.
6	CVE-2008-6819	362	1	DoS	2009-06-01	2009-06-29	4.7	None	Local	Medium	Not required	None	None	Complete
win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of these details are obtained from third party information.
7	CVE-2007-6026	119		Exec Code Overflow	2007-11-20	2018-10-15	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
8	CVE-2007-1912			Overflow	2007-04-10	2017-10-11	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
9	CVE-2007-0843	264		Bypass	2007-02-23	2021-08-09	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that do not have LIST permissions, which can be leveraged to determine filenames, access times, and other sensitive information.
10	CVE-2007-0214			Exec Code	2007-02-13	2018-10-12	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters.
11	CVE-2007-0069			DoS Exec Code Mem. Corr.	2008-01-08	2018-10-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka "Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability."
12	CVE-2006-7210			DoS	2007-06-27	2017-10-11	5.0	None	Remote	Low	Not required	None	None	Partial
Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block.

Total number of vulnerabilities : 12 Page : 1 (This Page)