LiveActive security incident?Get immediate response
CVE archive

April 2003

Browse CVE records published in April 2003, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 78 matching CVEs · Page 1 of 2.

Medium · CVSS 5.6

CVE-2003-20001: An issue was discovered on Mitel ICP VoIP 3100 devices.

An issue was discovered on Mitel ICP VoIP 3100 devices. When a remote user attempts to log in via TELNET during the login wait time and an external call comes in, the system incorrectly divulges information about the call and any SMDR records generated by the system. The information provided includes the service type, extension number and other parameters, related to the call activity.

Published Apr 1, 2025 · Updated Apr 4, 2025

Unknown · CVSS Not scored

CVE-2003-1132: The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA...

The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.

Published Apr 21, 2005 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2003-1325: The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and ear...

The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734.

Published Apr 12, 2007 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2003-0908: The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows lo...

The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213.

Published Apr 16, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0719: Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL...

Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.

Published Apr 16, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0533: Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Securi...

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.

Published Apr 16, 2004 · Updated Aug 8, 2024