Microsoft : Security Vulnerabilities, CVEs, Published In 2004 CVSS score >= 4
CVE-2004-0206
Public exploit
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
Max CVSS
7.5
EPSS Score
18.97%
Published
2004-11-03
Updated
2018-10-12
CVE-2003-0818
Public exploit
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
Max CVSS
7.5
EPSS Score
97.36%
Published
2004-03-03
Updated
2019-04-30
CVE-2003-0719
Public exploit
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Max CVSS
7.5
EPSS Score
95.57%
Published
2004-06-01
Updated
2018-10-12
CVE-2003-0533
Public exploit
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Max CVSS
7.5
EPSS Score
97.21%
Published
2004-06-01
Updated
2018-10-12
4 vulnerabilities found