Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5091 CRITICAL 122 HIGH 3461 MEDIUM 1438 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • 商用ライセンス有り
  • Microsoft
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
5071 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 53 1279 421 5
5072 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 94 2460 885 11
5073 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 103 2553 1010 15
5074 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 94 2178 911 50
5075 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
5076 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
5077 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
5078 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
5079 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
5071 -
5.0 		MEDIUM Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. NVD-CWE-Other
CVE-2003-0839 cpe:2.3:o:microsoft:windows_2003_server:r2:* 2016-10-18 11:37
2003-11-17 		Show GitHub Exploit DB Packet Storm
5072 -
5.0 		MEDIUM The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive … NVD-CWE-Other
CVE-2003-0661 cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*
cpe:2.3:o:micros… 		2019-04-30 23:27
2003-10-20 		Show GitHub Exploit DB Packet Storm
5073 -
10.0 		HIGH Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long fi… NVD-CWE-Other
CVE-2003-0528 cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*
cpe:2.3:o:micros… 		2019-04-30 23:27
2003-09-17 		Show GitHub Exploit DB Packet Storm
5074 -
10.0 		HIGH Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activat… NVD-CWE-Other
CVE-2003-0715 cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*
cpe:2.3:o:micros… 		2019-04-30 23:27
2003-09-17 		Show GitHub Exploit DB Packet Storm
5075 -
7.5 		HIGH Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by t… NVD-CWE-Other
CVE-2003-0352 cpe:2.3:o:microsoft:windows_2003_server:web:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*
cpe:2.3:o:micros… 		2019-04-30 23:27
2003-08-18 		Show GitHub Exploit DB Packet Storm
5076 -
7.5 		HIGH Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-pa… NVD-CWE-Other
CVE-2003-0469 cpe:2.3:o:microsoft:windows_2003_server:r2:*
cpe:2.3:o:microsoft:windows_2003_server:64-bit:* 		2018-10-13 06:32
2003-08-7 		Show GitHub Exploit DB Packet Storm
5077 -
5.0 		MEDIUM The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2003-0227 cpe:2.3:o:microsoft:windows_2000:-:* 2020-11-14 01:30
2003-06-9 		Show GitHub Exploit DB Packet Storm
5078 -
5.1 		MEDIUM Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link. NVD-CWE-Other
CVE-2002-2189 cpe:2.3:o:microsoft:windows_2003_server:r2:* 2008-09-6 05:32
2002-12-31 		Show GitHub Exploit DB Packet Storm
5079 -
6.8 		MEDIUM The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Ma… CWE-295
Improper Certificate Validation  		CVE-2002-0862 cpe:2.3:o:microsoft:windows_2000:-:* 2024-02-9 12:26
2002-10-4 		Show GitHub Exploit DB Packet Storm
5080 5.5
4.6 		MEDIUM
Local 		NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trai… CWE-59
Link Following 		CVE-2002-0725 cpe:2.3:o:microsoft:windows_2000:-:sp2 2024-02-22 05:38
2002-09-5 		Show GitHub Exploit DB Packet Storm