Microsoft

Windows Server 2003

455 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 17.02%
  • Veröffentlicht 11.03.2009 14:19:15
  • Zuletzt bearbeitet 16.06.2026 23:04:14

Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-...

  • EPSS 23.46%
  • Veröffentlicht 11.03.2009 14:19:15
  • Zuletzt bearbeitet 16.06.2026 23:04:15

The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the (1) "wpad" and (2) "isatap" NetBIOS names, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) and Intra...

  • EPSS 27.07%
  • Veröffentlicht 11.03.2009 14:19:15
  • Zuletzt bearbeitet 16.06.2026 23:04:33

The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not reuse cached DNS responses in all applicable situations, which mak...

  • EPSS 34.44%
  • Veröffentlicht 11.03.2009 14:19:15
  • Zuletzt bearbeitet 16.06.2026 23:04:33

The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transacti...

  • EPSS 1.46%
  • Veröffentlicht 10.03.2009 20:30:06
  • Zuletzt bearbeitet 16.06.2026 23:04:13

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers use of a crafted pointer, aka "Windows Kernel Invali...

  • EPSS 15.19%
  • Veröffentlicht 10.03.2009 20:30:06
  • Zuletzt bearbeitet 16.06.2026 23:04:14

The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's k...

  • EPSS 1.35%
  • Veröffentlicht 10.03.2009 20:30:01
  • Zuletzt bearbeitet 16.06.2026 23:04:13

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified...

  • EPSS 32.11%
  • Veröffentlicht 10.03.2009 20:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:13

The graphics device interface (GDI) implementation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate input received from user mode, which allows remote...

  • EPSS 1.45%
  • Veröffentlicht 28.01.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:45

Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe...

  • EPSS 6.28%
  • Veröffentlicht 21.01.2009 20:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:34

Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, which allows physically proximate attackers to execute arbitrary code by (1) inserting CD-ROM media, (2) inserting DVD media, (3) connecting a USB device,...