cve-2003-0109
Vulnerability from cvelistv5
Published
2003-03-18 05:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030326 WebDAV exploit: using wide character decoder scheme",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:109",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109"
},
{
"name": "20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf"
},
{
"name": "http-webdav-long-request(11533)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/11533.php"
},
{
"name": "Q815021",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021"
},
{
"name": "20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029"
},
{
"name": "20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"name": "7116",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7116"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en"
},
{
"name": "20030708 WDAV exploit without netcat and with pretty magic number",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"name": "MS03-007",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007"
},
{
"name": "VU#117394",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/117394"
},
{
"name": "CA-2003-09",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030326 WebDAV exploit: using wide character decoder scheme",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:109",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109"
},
{
"name": "20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf"
},
{
"name": "http-webdav-long-request(11533)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/11533.php"
},
{
"name": "Q815021",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021"
},
{
"name": "20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029"
},
{
"name": "20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"name": "7116",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7116"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en"
},
{
"name": "20030708 WDAV exploit without netcat and with pretty magic number",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"name": "MS03-007",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007"
},
{
"name": "VU#117394",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/117394"
},
{
"name": "CA-2003-09",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-09.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030326 WebDAV exploit: using wide character decoder scheme",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:109",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109"
},
{
"name": "20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2"
},
{
"name": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf",
"refsource": "MISC",
"url": "http://www.nextgenss.com/papers/ms03-007-ntdll.pdf"
},
{
"name": "http-webdav-long-request(11533)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11533.php"
},
{
"name": "Q815021",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q815021"
},
{
"name": "20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability",
"refsource": "ISS",
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029"
},
{
"name": "20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2"
},
{
"name": "7116",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7116"
},
{
"name": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en",
"refsource": "CONFIRM",
"url": "http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en"
},
{
"name": "20030708 WDAV exploit without netcat and with pretty magic number",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2"
},
{
"name": "20030321 New attack vectors and a vulnerability dissection of MS03-007",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2"
},
{
"name": "MS03-007",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007"
},
{
"name": "VU#117394",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/117394"
},
{
"name": "CA-2003-09",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-09.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0109",
"datePublished": "2003-03-18T05:00:00",
"dateReserved": "2003-02-26T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"294EBA01-147B-4DA0-937E-ACBB655EDE53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E8B7346-F2AA-434C-A048-7463EC1BB117\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE1A6107-DE00-4A1C-87FC-9E4015165B5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8208AFC9-0EFC-4A90-AD5A-FD94F5542885\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D4168AE-D19E-482E-8F2B-3E798B2D84E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E149E7-B748-44F6-BB55-68D5BF87AF41\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.\"}]",
"id": "CVE-2003-0109",
"lastModified": "2024-11-20T23:43:58.697",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
"published": "2003-03-31T05:00:00.000",
"references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cert.org/advisories/CA-2003-09.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.iss.net/security_center/static/11533.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/117394\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/7116\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cert.org/advisories/CA-2003-09.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.iss.net/security_center/static/11533.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/117394\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/7116\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2003-0109\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2003-03-31T05:00:00.000\",\"lastModified\":\"2024-11-20T23:43:58.697\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"294EBA01-147B-4DA0-937E-ACBB655EDE53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8B7346-F2AA-434C-A048-7463EC1BB117\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE1A6107-DE00-4A1C-87FC-9E4015165B5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8208AFC9-0EFC-4A90-AD5A-FD94F5542885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D4168AE-D19E-482E-8F2B-3E798B2D84E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E149E7-B748-44F6-BB55-68D5BF87AF41\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cert.org/advisories/CA-2003-09.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/11533.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/117394\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/7116\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104826476427372\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104861839130254\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104869293619064\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=104887148323552\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=105768156625699\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=ntbugtraq\u0026m=104826785731151\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B\u0026displaylang=en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cert.org/advisories/CA-2003-09.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/security_center/static/11533.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/117394\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.nextgenss.com/papers/ms03-007-ntdll.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/7116\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.