Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5091 CRITICAL 122 HIGH 3461 MEDIUM 1438 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • 商用ライセンス有り
  • Microsoft
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
5031 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 53 1279 421 5
5032 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 94 2460 885 11
5033 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 103 2553 1010 15
5034 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 94 2178 911 50
5035 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
5036 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
5037 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
5038 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
5039 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
5031 -
7.2 		HIGH LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a … NVD-CWE-Other
CVE-2004-0894 cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1
cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:mi… 		2019-04-30 23:27
2005-01-10 		Show GitHub Exploit DB Packet Storm
5032 -
10.0 		HIGH Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf,… NVD-CWE-Other
CVE-2004-0901 cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*
cpe:2.3:o:micros… 		2019-04-30 23:27
2005-01-10 		Show GitHub Exploit DB Packet Storm
5033 -
10.0 		HIGH The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitr… NVD-CWE-Other
CVE-2004-1080 cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*
cpe:2.3:o:micros… 		2019-04-30 23:27
2005-01-10 		Show GitHub Exploit DB Packet Storm
5034 -
7.5 		HIGH The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the compute… NVD-CWE-Other
CVE-2004-0567 cpe:2.3:o:microsoft:windows_2003_server:r2:*
cpe:2.3:o:microsoft:windows_2003_server:64-bit:* 		2019-04-30 23:27
2004-12-31 		Show GitHub Exploit DB Packet Storm
5035 -
5.1 		MEDIUM Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, whic… NVD-CWE-Other
CVE-2004-1049 cpe:2.3:o:microsoft:windows_2003_server:r2:* 2018-10-13 06:35
2004-12-31 		Show GitHub Exploit DB Packet Storm
5036 -
5.1 		MEDIUM Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. NVD-CWE-Other
CVE-2004-1306 cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1
cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:mi… 		2019-04-30 23:27
2004-12-31 		Show GitHub Exploit DB Packet Storm
5037 -
2.1 		LOW Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard to… NVD-CWE-Other
CVE-2004-2365 cpe:2.3:o:microsoft:windows_2003_server:r2:* 2017-07-11 10:31
2004-12-31 		Show GitHub Exploit DB Packet Storm
5038 -
7.2 		HIGH Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl f… NVD-CWE-Other
CVE-2004-2339 cpe:2.3:o:microsoft:windows_2003_server:r2:* 2024-08-8 11:15
2004-12-31 		Show GitHub Exploit DB Packet Storm
5039 -
5.0 		MEDIUM The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame nu… NVD-CWE-Other
CVE-2004-1305 cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*
cpe:2.3:o:micros… 		2019-04-30 23:27
2004-12-23 		Show GitHub Exploit DB Packet Storm
5040 -
5.0 		MEDIUM Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which … NVD-CWE-Other
CVE-2004-1361 cpe:2.3:o:microsoft:windows_2003_server:web:sp1_beta_1
cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:mi… 		2019-04-30 23:27
2004-12-23 		Show GitHub Exploit DB Packet Storm