LiveActive security incident?Get immediate response
CVE archive

July 2003

Browse CVE records published in July 2003, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 94 matching CVEs · Page 1 of 2.

Unknown · CVSS Not scored

CVE-2003-0605: The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (cr...

The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.

Published Jul 29, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0602: Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17...

Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs.

Published Jul 29, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0526: Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000...

Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages (1) 500.htm for "500 Internal Server error" or (2) 404.htm for "404 Not Found."

Published Jul 17, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0525: The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corrupt...

The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method.

Published Jul 25, 2003 · Updated Aug 8, 2024