Total
555 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0807 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2018-10-12 | 5.0 MEDIUM | N/A |
Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. | |||||
CVE-2003-0533 | 1 Microsoft | 7 Netmeeting, Windows 2000, Windows 2003 Server and 4 more | 2018-10-12 | 7.5 HIGH | N/A |
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | |||||
CVE-2003-0469 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2018-10-12 | 7.5 HIGH | N/A |
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. | |||||
CVE-2008-3365 | 2 Microsoft, Pixelpost | 7 Windows, Windows-nt, Windows 2000 and 4 more | 2018-10-11 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter. | |||||
CVE-2009-4310 | 2 Microsoft, Windows | 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file. | |||||
CVE-2009-4309 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Media Player and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. | |||||
CVE-2009-4210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2018-10-10 | 9.3 HIGH | N/A |
The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content. | |||||
CVE-2012-1821 | 2 Microsoft, Symantec | 2 Windows 2003 Server, Endpoint Protection | 2018-01-04 | 5.0 MEDIUM | N/A |
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic. | |||||
CVE-2007-2736 | 9 Achievo, Apple, Hp and 6 more | 18 Achievo, A Ux, Mac Os X and 15 more | 2017-10-10 | 10.0 HIGH | N/A |
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | |||||
CVE-2007-1912 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2017-10-10 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file. | |||||
CVE-2007-2186 | 2 Foxit, Microsoft | 9 Pdf Reader, Windows 2000, Windows 2003 Server and 6 more | 2017-10-10 | 5.0 MEDIUM | N/A |
Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | |||||
CVE-2006-7210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-10-10 | 5.0 MEDIUM | N/A |
Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block. | |||||
CVE-2010-4701 | 1 Microsoft | 3 Windows 2003 Server, Windows 7, Windows Xp | 2017-09-18 | 7.6 HIGH | N/A |
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute arbitrary code via a long record in a Fax Cover Page (.cov) file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4313 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-09-18 | 9.3 HIGH | N/A |
ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file. | |||||
CVE-2009-4311 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-09-18 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615. | |||||
CVE-2009-4312 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-09-18 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe. | |||||
CVE-2012-3324 | 2 Ibm, Microsoft | 8 Db2, Db2 Connect, Windows 2000 and 5 more | 2017-08-28 | 9.0 HIGH | N/A |
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field. | |||||
CVE-2011-4847 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/. | |||||
CVE-2011-4855 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-28 | 9.3 HIGH | N/A |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/customer-service-plan/list/reset-search/true/ and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. | |||||
CVE-2011-4856 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-28 | 9.3 HIGH | N/A |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/health/parameters and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. |