Software Detail

Software Informaton Top

Operating Systems

Software Detail

Windows Server

Number Of NVD

5145

CRITICAL

123

HIGH

3506

MEDIUM

1446

LOW

URL	https://www.microsoft.com/
Explanation	Server products offered by Microsoft. For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support). You may need to deploy the latest updates to be eligible for support. For some products, the support organization may be less than 10 years. For consumer and multimedia products, five years of mainstream support at the supported Service Pack level. The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag	商用ライセンス有り Microsoft

Add Information URL

No	Type	Name	URL
1			https://support.microsoft.com//lifecycle/search
2			https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3			https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4			https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
5131	Windows Server 2022	21H2	Nov. 2, 2021	Nov. 2, 2021	Oct. 13, 2026		Oct. 14, 2031	55	1326	429	5
5132	Windows Server 2019	1809	Oct. 2, 2018	Nov. 13, 2018	Jan. 9, 2024		Jan. 9, 2029	95	2505	893	11
5133	Windows Server 2016	20H2	Oct. 20, 2020	Oct. 15, 2016	Jan. 11, 2022		Jan. 12, 2027	104	2591	1017	15
5134	Windows Server 2012		Oct. 30, 2012	Oct. 30, 2012	Oct. 9, 2018		Oct. 10, 2023	95	2213	917	50
5135	Windows Server 2008 R2（ Service Pack 1適用）			Feb. 22, 2011		Jan. 14, 2020		0	0	0	0
5136	Windows Server 2008（Service Pack 2適用）			April 29, 2009		Jan. 14, 2020		0	0	0	0
5137	Microsoft Windows Server 2003（Service Pack 2適用）			May 28, 2003	July 13, 2010		July 14, 2015	0	128	53	15
5138	Microsoft Windows Storage Server 2003			May 5, 2003	Oct. 11, 2011		Oct. 9, 2016	0	128	53	15
5139	Microsoft Windows 2000（Service Pack 4適用）			March 31, 2000	June 30, 2005		July 13, 2010	2	40	19	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
5131	- 5.0	MEDIUM	The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2003-0227	cpe:2.3:o:microsoft:windows_2000:-:*	2020-11-14 01:30 2003-06-9	Show	GitHub Exploit DB Packet Storm

5132	- 5.1	MEDIUM	Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link.	NVD-CWE-Other	CVE-2002-2189	cpe:2.3:o:microsoft:windows_2003_server:r2:*	2008-09-6 05:32 2002-12-31	Show	GitHub Exploit DB Packet Storm

5133	- 6.8	MEDIUM	The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Ma…	CWE-295 Improper Certificate Validation	CVE-2002-0862	cpe:2.3:o:microsoft:windows_2000:-:*	2024-02-9 12:26 2002-10-4	Show	GitHub Exploit DB Packet Storm

5134	5.5 4.6	MEDIUM Local	NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trai…	CWE-59 Link Following	CVE-2002-0725	cpe:2.3:o:microsoft:windows_2000:-:sp2	2024-02-22 05:38 2002-09-5	Show	GitHub Exploit DB Packet Storm

5135	9.8 10.0	CRITICAL Network	Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code b…	CWE-190 Integer Overflow or Wraparound	CVE-2002-0391	cpe:2.3:o:microsoft:windows_2000:-:*	2024-02-9 03:38 2002-08-12	Show	GitHub Exploit DB Packet Storm

5136	7.8 7.2	HIGH Local	smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges…	NVD-CWE-noinfo	CVE-2002-0367	cpe:2.3:o:microsoft:windows_2000:-:*	2024-07-17 02:42 2002-06-25	Show	GitHub Exploit DB Packet Storm

5137	7.8 4.6	HIGH Local	Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.	CWE-667 Improper Locking	CVE-2002-0051	cpe:2.3:o:microsoft:windows_2000:-:*	2024-02-9 04:24 2002-04-4	Show	GitHub Exploit DB Packet Storm

5138	- 7.5	HIGH	SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to per…	CWE-294 Authentication Bypass by Capture-replay	CVE-2002-0054	cpe:2.3:o:microsoft:windows_2000:-:sp2 cpe:2.3:o:microsoft:windows_2000:-:sp1 cpe:2.3:o:microsoft:windows_2000:-:*	2020-04-9 22:46 2002-03-8	Show	GitHub Exploit DB Packet Storm

5139	- 5.0	MEDIUM	SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.	CWE-669 Incorrect Resource Transfer Between Spheres	CVE-2002-0055	cpe:2.3:o:microsoft:windows_2000:-:sp2 cpe:2.3:o:microsoft:windows_2000:-:sp1 cpe:2.3:o:microsoft:windows_2000:-:*	2020-04-9 22:46 2002-03-8	Show	GitHub Exploit DB Packet Storm

5140	7.5 5.0	HIGH Network	Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less r…	CWE-281 Improper Preservation of Permissions	CVE-2001-1515	cpe:2.3:o:microsoft:windows_2000:-:sp1	2024-01-26 06:11 2001-12-31	Show	GitHub Exploit DB Packet Storm