CVE-2003-0819
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Desbordamiento de búfer en el filtro H.323 Microsoft Internet Security and Acceleration Server 2000 permite a atacantes remotos ejecutar código arbitrario en el Servicio de Cortafuegos de Microsoft mediante cierto tráfico H.323, como se demostró por por la suite de pruebas del protocolo H.225 NISCC/OUSPG PROTOS.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-09-18 CVE Reserved
- 2004-01-15 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/10611 | Third Party Advisory | |
| http://www.securityfocus.com/bid/9406 | Vdb Entry | |
| http://www.securitytracker.com/id?1008698 | Vdb Entry | |
| http://www.uniras.gov.uk/vuls/2004/006489/h323.htm | X_refsource_misc | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.cert.org/advisories/CA-2004-01.html | 2018-10-12 | |
| http://www.kb.cert.org/vuls/id/749342 | 2018-10-12 | |
| http://www.securityfocus.com/bid/9408 | 2018-10-12 |
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001 | 2018-10-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Proxy Server Search vendor "Microsoft" for product "Proxy Server" | 2.0 Search vendor "Microsoft" for product "Proxy Server" and version "2.0" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Proxy Server Search vendor "Microsoft" for product "Proxy Server" | 2.0 Search vendor "Microsoft" for product "Proxy Server" and version "2.0" | sp1 |
Affected
| ||||||