Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5091 CRITICAL 122 HIGH 3461 MEDIUM 1438 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • 商用ライセンス有り
  • Microsoft
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
4821 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 53 1279 421 5
4822 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 94 2460 885 11
4823 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 103 2553 1010 15
4824 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 94 2178 911 50
4825 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
4826 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
4827 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
4828 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
4829 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
4821 -
4.3 		MEDIUM Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive info… CWE-200
Information Exposure 		CVE-2010-0488 cpe:2.3:o:microsoft:windows_server_2008:-:sp2
cpe:2.3:o:microsoft:windows_server_2008:-:sp2 		2023-12-8 03:38
2010-04-1 		Show GitHub Exploit DB Packet Storm
4822 -
9.3 		HIGH Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initia… CWE-94
Code Injection 		CVE-2010-0267 cpe:2.3:o:microsoft:windows_server_2008:-:sp2
cpe:2.3:o:microsoft:windows_server_2008:-:sp2 		2023-12-8 03:38
2010-04-1 		Show GitHub Exploit DB Packet Storm
4823 -
9.3 		HIGH Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving acc… CWE-399
 Resource Management Errors 		CVE-2010-0806 cpe:2.3:o:microsoft:windows_server_2008:-:sp2
cpe:2.3:o:microsoft:windows_server_2008:-:sp2 		2023-12-8 03:38
2010-03-11 		Show GitHub Exploit DB Packet Storm
4824 -
4.7 		MEDIUM An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denia… CWE-20
 Improper Input Validation  		CVE-2010-0719 cpe:2.3:o:microsoft:windows_server_2008:-:gold
cpe:2.3:o:microsoft:windows_server_2008:-:* 		2017-08-17 10:32
2010-02-27 		Show GitHub Exploit DB Packet Storm
4825 -
9.3 		HIGH The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle atta… CWE-20
 Improper Input Validation  		CVE-2010-0016 cpe:2.3:o:microsoft:windows_2000:-:sp4 2019-02-26 23:04
2010-02-11 		Show GitHub Exploit DB Packet Storm
4826 -
9.3 		HIGH The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2,… CWE-94
Code Injection 		CVE-2010-0252 cpe:2.3:o:microsoft:windows_server_2008:r2:*
cpe:2.3:o:microsoft:windows_server_2008:r2:*
cpe:2.3:o:microsoft:win… 		2023-12-8 03:38
2010-02-11 		Show GitHub Exploit DB Packet Storm
4827 -
9.3 		HIGH Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, W… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0250 cpe:2.3:o:microsoft:windows_server_2008:r2:*
cpe:2.3:o:microsoft:windows_server_2008:r2:*
cpe:2.3:o:microsoft:win… 		2023-12-8 03:38
2010-02-11 		Show GitHub Exploit DB Packet Storm
4828 -
7.8 		HIGH The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malfor… CWE-399
 Resource Management Errors 		CVE-2010-0242 cpe:2.3:o:microsoft:windows_server_2008:-:sp2
cpe:2.3:o:microsoft:windows_server_2008:-:gold 		2023-12-8 03:38
2010-02-11 		Show GitHub Exploit DB Packet Storm
4829 -
10.0 		HIGH The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packe… CWE-94
Code Injection 		CVE-2010-0241 cpe:2.3:o:microsoft:windows_server_2008:-:sp2
cpe:2.3:o:microsoft:windows_server_2008:-:gold 		2023-12-8 03:38
2010-02-11 		Show GitHub Exploit DB Packet Storm
4830 -
10.0 		HIGH The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulati… CWE-94
Code Injection 		CVE-2010-0240 cpe:2.3:o:microsoft:windows_server_2008:-:sp2
cpe:2.3:o:microsoft:windows_server_2008:-:gold 		2023-12-8 03:38
2010-02-11 		Show GitHub Exploit DB Packet Storm