Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_server_2003
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 454 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-08-11 | CVE-2010-1887 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of service (system hang) via a crafted application, aka "Win32k Bounds Checking Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-08-11 | CVE-2010-1897 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local users to gain privileges via a crafted application, aka "Win32k Window Creation Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-08-11 | CVE-2010-2550 | The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute arbitrary code via a crafted SMB packet, aka "SMB Pool Overflow Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-08-27 | CVE-2010-3147 | Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE:... | Outlook_express, Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-10-13 | CVE-2010-2746 | Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitrary code via a crafted HTML document that triggers unspecified messages from this viewer, aka "Comctl32 Heap Overflow Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-10-13 | CVE-2010-2744 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed,... | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-09-15 | CVE-2010-0818 | The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attackers to execute arbitrary code via a file in an unspecified "supported format," aka "MPEG-4 Codec Vulnerability." | Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-09-15 | CVE-2010-2729 | The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation... | Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-09-15 | CVE-2010-2738 | The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) Office document, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability." | Office, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-12-16 | CVE-2010-3939 | Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka "Win32k Buffer Overflow Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A |