Microsoft » Windows 2000 : Security Vulnerabilities, CVEs, Published In August 2003 (Overflow)
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash.
Max CVSS
7.5
EPSS Score
6.75%
Published
2003-08-07
Updated
2016-10-18
Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument.
Max CVSS
7.5
EPSS Score
1.68%
Published
2003-08-07
Updated
2016-10-18
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag.
Max CVSS
7.5
EPSS Score
13.03%
Published
2003-08-07
Updated
2018-10-12
CVE-2003-0352
Public exploit
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
Max CVSS
7.5
EPSS Score
97.16%
Published
2003-08-18
Updated
2019-04-30
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
Max CVSS
7.5
EPSS Score
32.67%
Published
2003-08-18
Updated
2019-04-30
5 vulnerabilities found