Detections
Analytics

CVE-2003-0109

high

Description

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007

http://www.nextgenss.com/papers/ms03-007-ntdll.pdf

http://www.kb.cert.org/vuls/id/117394

http://www.iss.net/security_center/static/11533.php

http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029

http://www.cert.org/advisories/CA-2003-09.html

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021

http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en

http://marc.info/?l=ntbugtraq&m=104826785731151&w=2

http://marc.info/?l=bugtraq&m=105768156625699&w=2

http://marc.info/?l=bugtraq&m=104887148323552&w=2

http://marc.info/?l=bugtraq&m=104869293619064&w=2

http://marc.info/?l=bugtraq&m=104861839130254&w=2

http://marc.info/?l=bugtraq&m=104826476427372&w=2

Details

Source: Mitre, NVD

Published: 2003-03-31

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.89745