) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Keyword (text search): cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:web:*:*:*
- CPE Name Search: true
There are 82 matching records.
Displaying matches 81 through 82.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2004-0119 |
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection. Published: June 01, 2004; 12:00:00 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.5 HIGH |
| CVE-2003-0904 |
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed. Published: January 20, 2004; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.0 MEDIUM |