Microsoft » Windows 2003 Server » sp1 : Security Vulnerabilities, CVEs, Published In 2005 (Code Execution)
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a crafted Windows Metafile (WMF) format image, aka "Windows Metafile Vulnerability."
Max CVSS
7.6
EPSS Score
96.26%
Published
2005-11-29
Updated
2018-10-12
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord.
Max CVSS
7.5
EPSS Score
39.70%
Published
2005-11-29
Updated
2018-10-12
The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.
Max CVSS
7.5
EPSS Score
21.56%
Published
2005-10-13
Updated
2018-10-12
COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
75.32%
Published
2005-10-12
Updated
2018-10-12
Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."
Max CVSS
7.5
EPSS Score
52.69%
Published
2005-06-14
Updated
2018-10-12
5 vulnerabilities found