Lucene search

K
cve[email protected]CVE-2003-0010
HistoryMar 24, 2003 - 5:00 a.m.

CVE-2003-0010

2003-03-2405:00:00
NVD-CWE-Other
web.nvd.nist.gov
33
cve-2003-0010
integer overflow
jsarrayfunctionheapsort
windows script engine
jscript.dll
remote code execution
security vulnerability

8.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.102 Low

EPSS

Percentile

94.8%

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

8.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.102 Low

EPSS

Percentile

94.8%

Related for CVE-2003-0010