Windows Xp

windows_xp

Vendor: Microsoft • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0117 1Microsoft 6Netmeeting Windows 2000Windows 2003 Server+3 more Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
CVE-2004-0116 1Microsoft 3Windows 2000 Windows 2003 ServerWindows Xp Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with...Show more An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.Show less
CVE-2003-0909 1Microsoft 1Windows Xp Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.2 HIGH· v2 Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnera...Show more Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."Show less
CVE-2003-0907 1Microsoft 2Windows Server 2003 Windows Xp Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructin...Show more Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.Show less
CVE-2003-0906 1Microsoft 3Windows 2000 Windows NtWindows Xp Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.6 HIGH· v2 Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary...Show more Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.Show less
CVE-2003-0807 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a den...Show more Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.Show less
CVE-2003-0806 1Microsoft 3Windows 2000 Windows NtWindows Xp Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
CVE-2003-0719 1Microsoft 7Netmeeting Windows 2000Windows 2003 Server+4 more Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows...Show more Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.Show less
CVE-2003-0533 1Microsoft 7Netmeeting Windows 2000Windows 2003 Server+4 more Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 200...Show more Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.Show less
CVE-2003-0818 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Mar 3, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbi...Show more Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.Show less
CVE-2002-0034 1Microsoft 2Windows 2000 Windows Xp Apr 16, 2026 Feb 3, 2004 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file sys...Show more The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected.Show less
CVE-2003-0824 1Microsoft 4Frontpage Server Extensions Sharepoint Team ServicesWindows 2000+1 more Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (re...Show more Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.Show less
CVE-2003-0822 1Microsoft 4Frontpage Server Extensions Sharepoint Team ServicesWindows 2000+1 more Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
CVE-2003-0812 1Microsoft 2Windows 2000 Windows Xp Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("N...Show more Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.Show less
CVE-2003-0897 1Microsoft 1Windows Xp Apr 16, 2026 Nov 17, 2003 N/A· v4 N/A· v3 4.6 MEDIUM· v2 "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications.
CVE-2003-0813 1Microsoft 5Windows 2000 Windows 98Windows Nt+2 more Apr 16, 2026 Nov 17, 2003 N/A· v4 N/A· v3 5.1 MEDIUM· v2 A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RP...Show more A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.Show less
CVE-2003-0717 1Microsoft 5Windows 2000 Windows 2003 ServerWindows Me+2 more Apr 16, 2026 Nov 17, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2003-0711 1Microsoft 5Windows 2000 Windows 2003 ServerWindows Me+2 more Apr 16, 2026 Nov 17, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.
CVE-2003-0660 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Nov 17, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute ar...Show more The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.Show less
CVE-2003-0659 1Microsoft 4Windows 2000 Windows 2003 ServerWindows Nt+1 more Apr 16, 2026 Nov 17, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileg...Show more Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.Show less

Previous 1...333435 36 37 Next