Microsoft

Windows 2003 Server

405 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2007-0843

Exploit
  • EPSS 0.39%
  • Published 23.02.2007 02:28:00
  • Last modified 09.04.2025 00:30:58

The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDir...

9.3

CVE-2006-1311

  • EPSS 73.65%
  • Published 13.02.2007 20:28:00
  • Last modified 09.04.2025 00:30:58

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute ar...

9.3

CVE-2007-0025

  • EPSS 65.29%
  • Published 13.02.2007 20:28:00
  • Last modified 09.04.2025 00:30:58

The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers ...

7.6

CVE-2007-0026

  • EPSS 52.41%
  • Published 13.02.2007 20:28:00
  • Last modified 09.04.2025 00:30:58

The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption.

7.2

CVE-2007-0211

  • EPSS 2.35%
  • Published 13.02.2007 20:28:00
  • Last modified 09.04.2025 00:30:58

The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of...

9.3

CVE-2007-0214

  • EPSS 62.47%
  • Published 13.02.2007 20:28:00
  • Last modified 09.04.2025 00:30:58

The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters.

10

CVE-2006-6901

  • EPSS 30.58%
  • Published 31.12.2006 05:00:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Bluetooth stack in Microsoft Windows allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.

10

CVE-2006-6902

  • EPSS 30.58%
  • Published 31.12.2006 05:00:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Bluetooth stack in Microsoft Windows Mobile Pocket PC edition allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.

6.9

CVE-2006-6696

  • EPSS 7.48%
  • Published 22.12.2006 02:28:00
  • Last modified 09.04.2025 00:30:58

Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Serv...

6.8

CVE-2006-4702

  • EPSS 55.72%
  • Published 13.12.2006 01:28:00
  • Last modified 09.04.2025 00:30:58

Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.