Filtered by vendor Microsoft
Subscriptions
Total
20427 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0223 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-11-20 | N/A |
| Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message. | ||||
| CVE-2003-0118 | 1 Microsoft | 1 Biztalk Server | 2024-11-20 | N/A |
| SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement. | ||||
| CVE-2003-0117 | 1 Microsoft | 1 Biztalk Server | 2024-11-20 | N/A |
| Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver. | ||||
| CVE-2003-0116 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-11-20 | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution." | ||||
| CVE-2003-0115 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-11-20 | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. | ||||
| CVE-2003-0114 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-11-20 | N/A |
| The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files. | ||||
| CVE-2003-0113 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-11-20 | N/A |
| Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. | ||||
| CVE-2003-0112 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2024-11-20 | N/A |
| Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. | ||||
| CVE-2003-0111 | 1 Microsoft | 3 Virtual Machine, Windows 2000, Windows 2000 Terminal Services | 2024-11-20 | N/A |
| The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise." | ||||
| CVE-2003-0110 | 1 Microsoft | 2 Isa Server, Proxy Server | 2024-11-20 | N/A |
| The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745. | ||||
| CVE-2003-0109 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2024-11-20 | N/A |
| Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. | ||||
| CVE-2003-0011 | 1 Microsoft | 1 Isa Server | 2024-11-20 | N/A |
| Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. | ||||
| CVE-2003-0010 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2024-11-20 | N/A |
| Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. | ||||
| CVE-2003-0009 | 1 Microsoft | 2 Windows Me, Windows Xp | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. | ||||
| CVE-2003-0007 | 1 Microsoft | 1 Outlook | 2024-11-20 | N/A |
| Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." | ||||
| CVE-2003-0004 | 1 Microsoft | 1 Windows Xp | 2024-11-20 | N/A |
| Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. | ||||
| CVE-2003-0003 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2024-11-20 | N/A |
| Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information. | ||||
| CVE-2003-0002 | 1 Microsoft | 1 Content Management Server | 2024-11-20 | N/A |
| Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. | ||||
| CVE-2003-0001 | 5 Freebsd, Linux, Microsoft and 2 more | 6 Freebsd, Linux Kernel, Windows 2000 and 3 more | 2024-11-20 | 5.3 Medium |
| Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | ||||
| CVE-2002-2435 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-11-20 | N/A |
| The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. | ||||