Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded.
Source: MITRE
Max CVSS
6.8
EPSS Score
1.07%
Published
2003-12-31
Updated
2017-08-08
Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved.
Source: MITRE
Max CVSS
4.3
EPSS Score
11.09%
Published
2003-12-31
Updated
2021-07-23
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute.
Source: MITRE
Max CVSS
4.3
EPSS Score
4.04%
Published
2003-12-31
Updated
2017-07-29
Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet.
Source: MITRE
Max CVSS
7.8
EPSS Score
11.95%
Published
2003-12-31
Updated
2019-04-30
Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function.
Source: MITRE
Max CVSS
5.0
EPSS Score
8.16%
Published
2003-12-31
Updated
2008-09-05
Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered.
Source: MITRE
Max CVSS
2.6
EPSS Score
1.56%
Published
2003-12-31
Updated
2021-07-23
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.
Source: MITRE
Max CVSS
5.0
EPSS Score
41.64%
Published
2003-12-15
Updated
2019-04-30
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.
Source: MITRE
Max CVSS
5.1
EPSS Score
60.83%
Published
2003-11-17
Updated
2024-02-15

CVE-2003-0714

Public exploit
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
Source: MITRE
Max CVSS
7.5
EPSS Score
9.16%
Published
2003-11-17
Updated
2020-04-09
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Source: MITRE
Max CVSS
7.5
EPSS Score
96.78%
Published
2003-08-27
Updated
2019-04-30
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method.
Source: MITRE
Max CVSS
5.0
EPSS Score
0.34%
Published
2003-08-27
Updated
2018-10-12
Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices.
Source: MITRE
Max CVSS
5.0
EPSS Score
4.54%
Published
2003-08-18
Updated
2021-07-23
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash.
Source: MITRE
Max CVSS
7.5
EPSS Score
5.99%
Published
2003-08-07
Updated
2016-10-18
Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to cause a denial of service (shutdown of NetMeeting conference) via malformed packets, as demonstrated via the chat conversation.
Source: MITRE
Max CVSS
5.0
EPSS Score
4.54%
Published
2003-08-07
Updated
2016-10-18
Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument.
Source: MITRE
Max CVSS
7.5
EPSS Score
1.68%
Published
2003-08-07
Updated
2016-10-18
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag.
Source: MITRE
Max CVSS
7.5
EPSS Score
15.62%
Published
2003-08-07
Updated
2018-10-12
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
Source: MITRE
Max CVSS
7.5
EPSS Score
30.07%
Published
2003-08-18
Updated
2019-04-30
The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Source: MITRE
Max CVSS
5.0
EPSS Score
0.54%
Published
2003-06-16
Updated
2016-10-18
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Source: MITRE
Max CVSS
5.0
EPSS Score
0.46%
Published
2003-06-16
Updated
2016-10-18
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe.
Source: MITRE
Max CVSS
5.0
EPSS Score
11.46%
Published
2003-08-27
Updated
2018-10-12
The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.
Source: MITRE
Max CVSS
5.0
EPSS Score
95.93%
Published
2003-06-09
Updated
2020-11-13
Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial of service via a long WebDAV request with a (1) PROPFIND or (2) SEARCH method, which generates an error condition that is not properly handled.
Source: MITRE
Max CVSS
5.0
EPSS Score
5.93%
Published
2003-06-09
Updated
2020-11-23
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.
Source: MITRE
Max CVSS
5.0
EPSS Score
9.27%
Published
2003-06-09
Updated
2018-10-30
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.
Source: MITRE
Max CVSS
5.0
EPSS Score
1.34%
Published
2003-05-05
Updated
2018-10-12
Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled.
Source: MITRE
Max CVSS
5.0
EPSS Score
0.50%
Published
2003-03-24
Updated
2018-10-12
26 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!