Product:

Windows_2003_server

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 407
Date Id Summary Products Score Patch Annotated
2007-08-14 CVE-2007-3034 Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow. Windows_2000, Windows_2003_server, Windows_server_2003, Windows_xp N/A
2007-06-04 CVE-2007-2999 Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account names. Windows_2003_server N/A
2007-10-09 CVE-2007-2228 rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although... Windows_2000, Windows_2003_server, Windows_vista, Windows_xp N/A
2007-08-14 CVE-2007-2224 Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow. Office, Visual_basic, Windows_2000, Windows_2003_server, Windows_xp N/A
2007-06-12 CVE-2007-2219 Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via certain parameters to an unspecified function. Windows_2000, Windows_2003_server, Windows_xp N/A
2007-06-12 CVE-2007-2218 Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake. Windows_2000, Windows_2003_server, Windows_xp N/A
2007-04-10 CVE-2007-1912 Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file. Windows_2000, Windows_2003_server, Windows_nt, Windows_xp N/A
2007-03-26 CVE-2007-1692 The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet Explorer. NOTE: it could be argued that if an attacker already has control over WINS/DNS, then web traffic could already be intercepted by modifying WINS or DNS records, so this would not cross... Windows_2000, Windows_2003_server N/A
2007-03-20 CVE-2007-1537 \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function. Windows_2003_server, Windows_xp N/A
2007-04-04 CVE-2007-1215 Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images. Windows_2000, Windows_2003_server, Windows_vista, Windows_xp N/A