CVE-2003-0109 (GCVE-0-2003-0109)
Vulnerability from cvelistv5 – Published: 2003-03-18 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030326 WebDAV exploit: using wide character decoder scheme",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:109",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109"
},
{
"name": "20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf"
},
{
"name": "http-webdav-long-request(11533)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/11533.php"
},
{
"name": "Q815021",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021"
},
{
"name": "20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029"
},
{
"name": "20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"name": "7116",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7116"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en"
},
{
"name": "20030708 WDAV exploit without netcat and with pretty magic number",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"name": "MS03-007",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007"
},
{
"name": "VU#117394",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/117394"
},
{
"name": "CA-2003-09",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030326 WebDAV exploit: using wide character decoder scheme",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:109",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109"
},
{
"name": "20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf"
},
{
"name": "http-webdav-long-request(11533)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/11533.php"
},
{
"name": "Q815021",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021"
},
{
"name": "20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029"
},
{
"name": "20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"name": "7116",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7116"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en"
},
{
"name": "20030708 WDAV exploit without netcat and with pretty magic number",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"name": "MS03-007",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007"
},
{
"name": "VU#117394",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/117394"
},
{
"name": "CA-2003-09",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-09.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030326 WebDAV exploit: using wide character decoder scheme",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:109",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109"
},
{
"name": "20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"name": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf",
"refsource": "MISC",
"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf"
},
{
"name": "http-webdav-long-request(11533)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11533.php"
},
{
"name": "Q815021",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q815021"
},
{
"name": "20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability",
"refsource": "ISS",
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029"
},
{
"name": "20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"name": "7116",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7116"
},
{
"name": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en",
"refsource": "CONFIRM",
"url": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en"
},
{
"name": "20030708 WDAV exploit without netcat and with pretty magic number",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"name": "MS03-007",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007"
},
{
"name": "VU#117394",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/117394"
},
{
"name": "CA-2003-09",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-09.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0109",
"datePublished": "2003-03-18T05:00:00",
"dateReserved": "2003-02-26T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"294EBA01-147B-4DA0-937E-ACBB655EDE53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E8B7346-F2AA-434C-A048-7463EC1BB117\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE1A6107-DE00-4A1C-87FC-9E4015165B5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8208AFC9-0EFC-4A90-AD5A-FD94F5542885\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D4168AE-D19E-482E-8F2B-3E798B2D84E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E149E7-B748-44F6-BB55-68D5BF87AF41\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.\"}]",
"id": "CVE-2003-0109",
"lastModified": "2024-11-20T23:43:58.697",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
"published": "2003-03-31T05:00:00.000",
"references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cert.org/advisories/CA-2003-09.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.iss.net/security_center/static/11533.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/117394\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/7116\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cert.org/advisories/CA-2003-09.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.iss.net/security_center/static/11533.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/117394\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/7116\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2003-0109\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2003-03-31T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"294EBA01-147B-4DA0-937E-ACBB655EDE53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8B7346-F2AA-434C-A048-7463EC1BB117\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE1A6107-DE00-4A1C-87FC-9E4015165B5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8208AFC9-0EFC-4A90-AD5A-FD94F5542885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D4168AE-D19E-482E-8F2B-3E798B2D84E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E149E7-B748-44F6-BB55-68D5BF87AF41\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cert.org/advisories/CA-2003-09.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/11533.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/117394\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/7116\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cert.org/advisories/CA-2003-09.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/11533.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/117394\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/7116\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…