Microsoft » Windows 2000 : Security Vulnerabilities, CVEs, Published In 2003 (Denial of service)
Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded.
Max CVSS
6.8
EPSS Score
1.07%
Published
2003-12-31
Updated
2017-08-08
Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet.
Max CVSS
7.8
EPSS Score
12.38%
Published
2003-12-31
Updated
2019-04-30
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.
Max CVSS
5.0
EPSS Score
40.20%
Published
2003-12-15
Updated
2019-04-30
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.
Max CVSS
5.1
EPSS Score
60.83%
Published
2003-11-17
Updated
2024-02-15
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Max CVSS
7.5
EPSS Score
96.78%
Published
2003-08-27
Updated
2019-04-30
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash.
Max CVSS
7.5
EPSS Score
6.75%
Published
2003-08-07
Updated
2016-10-18
Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument.
Max CVSS
7.5
EPSS Score
1.68%
Published
2003-08-07
Updated
2016-10-18
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag.
Max CVSS
7.5
EPSS Score
13.03%
Published
2003-08-07
Updated
2018-10-12
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
Max CVSS
7.5
EPSS Score
32.67%
Published
2003-08-18
Updated
2019-04-30
The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.
Max CVSS
5.0
EPSS Score
95.93%
Published
2003-06-09
Updated
2020-11-13
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.
Max CVSS
5.0
EPSS Score
56.30%
Published
2003-04-02
Updated
2019-04-30
11 vulnerabilities found