Export limit exceeded: 25566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (25566 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0309 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability."
CVE-2003-0344 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
CVE-2003-0345 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2026-04-16 N/A
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
CVE-2003-0346 1 Microsoft 1 Directx 2026-04-16 N/A
Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow.
CVE-2003-0348 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script.
CVE-2003-0349 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.
CVE-2003-0350 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function.
CVE-2003-0352 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
CVE-2003-0353 1 Microsoft 1 Data Access Components 2026-04-16 N/A
Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.
CVE-2002-2380 2 Arescom, Microsoft 2 Netdsl, Network Firmware 2026-04-16 N/A
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic.
CVE-2002-2401 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2026-04-16 N/A
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
CVE-2002-2413 2 Deerfield, Microsoft 3 Website Pro, Windows 9x, Windows Nt 2026-04-16 N/A
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
CVE-2003-0001 5 Freebsd, Linux, Microsoft and 2 more 6 Freebsd, Linux Kernel, Windows 2000 and 3 more 2026-04-16 5.3 Medium
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
CVE-2003-0002 1 Microsoft 1 Content Management Server 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.
CVE-2003-0003 1 Microsoft 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more 2026-04-16 N/A
Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.
CVE-2003-0004 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.
CVE-2003-0007 1 Microsoft 1 Outlook 2026-04-16 N/A
Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."
CVE-2003-0009 1 Microsoft 2 Windows Me, Windows Xp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.
CVE-2003-0010 1 Microsoft 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more 2026-04-16 N/A
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.
CVE-2003-0011 1 Microsoft 1 Isa Server 2026-04-16 N/A
Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled.