Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2003
Subscriptions
Total
653 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-0005 | 1 Microsoft | 9 .net Framework, Management Odata Iis Extension, Windows 7 and 6 more | 2024-08-06 | N/A |
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via crafted values in HTTP requests, aka "Replace Denial of Service Vulnerability." | ||||
CVE-2013-0006 | 1 Microsoft | 15 Expression Web, Groove Server, Office and 12 more | 2024-08-06 | N/A |
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability." | ||||
CVE-2013-0019 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerability." | ||||
CVE-2013-0004 | 1 Microsoft | 9 .net Framework, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability." | ||||
CVE-2013-0077 | 1 Microsoft | 4 Windows Server 2003, Windows Server 2008, Windows Vista and 1 more | 2024-08-06 | N/A |
Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a media file, (2) a media stream, or (3) a Microsoft Office document, aka "Media Decompression Vulnerability." | ||||
CVE-2013-0002 | 1 Microsoft | 9 .net Framework, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages improper counting of objects during a memory copy operation, aka "WinForms Buffer Overflow Vulnerability." | ||||
CVE-2013-0001 | 1 Microsoft | 9 .net Framework, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a pointer to an unmanaged memory location, aka "System Drawing Information Disclosure Vulnerability." | ||||
CVE-2013-0030 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability." | ||||
CVE-2014-9748 | 3 Libuv, Microsoft, Nodejs | 4 Libuv, Windows Server 2003, Windows Xp and 1 more | 2024-08-06 | 8.1 High |
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition. | ||||
CVE-2014-7286 | 2 Microsoft, Symantec | 3 Windows Server 2003, Windows Xp, Deployment Solution | 2024-08-06 | N/A |
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors. | ||||
CVE-2014-6321 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | N/A |
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability." | ||||
CVE-2014-6355 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | N/A |
The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Graphics Component Information Disclosure Vulnerability." | ||||
CVE-2014-6324 | 1 Microsoft | 6 Windows 7, Windows 8, Windows 8.1 and 3 more | 2024-08-06 | 8.8 High |
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability." | ||||
CVE-2014-6317 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | N/A |
Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability." | ||||
CVE-2014-6332 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | N/A |
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability." | ||||
CVE-2014-4113 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | 7.8 High |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability." | ||||
CVE-2014-4148 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | 8.8 High |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted TrueType font, as exploited in the wild in October 2014, aka "TrueType Font Parsing Remote Code Execution Vulnerability." | ||||
CVE-2014-4123 | 1 Microsoft | 10 Internet Explorer, Windows 7, Windows 8 and 7 more | 2024-08-06 | 8.8 High |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124. | ||||
CVE-2014-4118 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | N/A |
XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (system-state corruption) via crafted XML content, aka "MSXML Remote Code Execution Vulnerability." | ||||
CVE-2014-4115 | 1 Microsoft | 3 Windows Server 2003, Windows Server 2008, Windows Vista | 2024-08-06 | N/A |
fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly allocate memory, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (reserved-memory write) by connecting a crafted USB device, aka "Microsoft Windows Disk Partition Driver Elevation of Privilege Vulnerability." |