Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_server_2003
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 454 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-10-15 | CVE-2014-4115 | fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly allocate memory, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (reserved-memory write) by connecting a crafted USB device, aka "Microsoft Windows Disk Partition Driver Elevation of Privilege Vulnerability." | Windows_server_2003, Windows_server_2008, Windows_vista | N/A | ||
| 2014-11-11 | CVE-2014-4076 | Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability." | Windows_server_2003 | N/A | ||
| 2014-07-08 | CVE-2014-1767 | Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." | Windows_7, Windows_8, Windows_8\.1, Windows_rt, Windows_rt_8\.1, Windows_server_2003, Windows_server_2008, Windows_server_2012, Windows_vista | N/A | ||
| 2013-12-10 | CVE-2013-3899 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability." | Windows_server_2003, Windows_xp | N/A | ||
| 2013-12-10 | CVE-2013-3878 | Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability." | Windows_server_2003, Windows_xp | N/A | ||
| 2013-09-11 | CVE-2013-3863 | Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability." | Windows_server_2003, Windows_xp | N/A | ||
| 2013-05-24 | CVE-2013-3661 | The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain. | Windows_7, Windows_8, Windows_rt, Windows_server_2003, Windows_server_2008, Windows_server_2012, Windows_vista, Windows_xp | N/A | ||
| 2013-08-14 | CVE-2013-3198 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3197. | Windows_7, Windows_8, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2013-08-14 | CVE-2013-3197 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3198. | Windows_7, Windows_8, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2013-08-14 | CVE-2013-3196 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3197 and CVE-2013-3198. | Windows_7, Windows_8, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A |