CVSS: 5.0EPSS: 83%CPEs: 1EXPL: 0CVE-2003-0905
https://notcve.org/view.php?id=CVE-2003-0905
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets. Vulnerabilidad desconocida en los componentes Windows Media Station Service y Windows Media Monitor Service de Windows Media Services 4.1 permite a atacantes remotos causar una denegación de servicio (impidiendo nuevas conexiones) mediante ciertas secuencias de paquetes TCP/IP. • http://www.kb.cert.org/vuls/id/982630 http://www.securityfocus.com/bid/9825 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-008 https://exchange.xforce.ibmcloud.com/vulnerabilities/15038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A842 •
CVSS: 6.0EPSS: 2%CPEs: 7EXPL: 0CVE-2003-0904
https://notcve.org/view.php?id=CVE-2003-0904
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed. Microsoft Exchange 2003 y Outlook Web Access (OWA), cuando usan SharePoint Services 2.0, hace que la autenticación Kerberos se desactive para IIS, lo que puede causar que usuarios de OWA vean los buzones de correo de otros usuarios. • http://secunia.com/advisories/10615 http://www.kb.cert.org/vuls/id/530660 http://www.microsoft.com/exchange/support/e2k3owa.asp http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0311&L=ntbugtraq&F=P&S=&P=9281 http://www.securityfocus.com/bid/9118 http://www.securityfocus.com/bid/9409 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/13869 https://oval.cisecurity.org/repository/search&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 97%CPEs: 8EXPL: 2CVE-2003-0822 – Microsoft FrontPage Server Extensions - 'fp30reg.dll' (MS03-051)
https://notcve.org/view.php?id=CVE-2003-0822
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. Desbordamiento de búfer en la funcionalidad de depuración en fp30reg.dll de Microsoft FrontPage Server Extensions 2000 y 2002 permite a atacantes remotos ejecutar código mediante una cierta petición en trozos codificada. • https://www.exploit-db.com/exploits/121 https://www.exploit-db.com/exploits/16356 http://marc.info/?l=bugtraq&m=106865318904055&w=2 http://marc.info/?l=ntbugtraq&m=106862654906759&w=2 http://secunia.com/advisories/10195 http://www.kb.cert.org/vuls/id/279156 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/13674 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3A •
CVSS: 5.0EPSS: 41%CPEs: 8EXPL: 0CVE-2003-0824
https://notcve.org/view.php?id=CVE-2003-0824
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. Vulnerabilidad desconocida en el intérprete SmartHTML interpreter (shtml.dll) en Microsoft FrontPage Server Extensions 2000 y 2002, y Microsoft SharePoint Team Services 2002, permite a atacantes remotos causar una denegación de servicio (fallo de respuesta) mediante una cierta petición. • http://secunia.com/advisories/10195 http://www.kb.cert.org/vuls/id/179012 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/13680 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A591 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A606 https://oval.cis •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 3CVE-2003-0496 – Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0496
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file. Microsoft Windows 2000 pre-SP4 no maneja adecuadamente tuberias con nombre (named pipes) a través de la API CreateFile, de forma que usuarios locales pueden ganar privilegios llamando al procedimiento almacenado extendidoxp_fileexist de SQL Server con un nombre de tubería como argumento en vez de un fichero local. • https://www.exploit-db.com/exploits/22882 https://www.exploit-db.com/exploits/22883 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0013.html http://marc.info/?l=bugtraq&m=105820282607865&w=2 http://marc.info/?l=bugtraq&m=105830986720243&w=2 http://www.atstake.com/research/advisories/2003/a070803-1.txt •