Lucene search

[email protected]CVE-2003-0345

HistoryAug 18, 2003 - 4:00 a.m.

CVE-2003-0345

2003-08-1804:00:00

[email protected]

web.nvd.nist.gov

cve-2003-0345

buffer overflow

smb

microsoft windows

denial of service

remote attackers

arbitrary code execution

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.301 Low

EPSS

Percentile

97.0%

JSON

Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_2000sp3

microsoftwindows_ntMatch4.0enterprise_server

microsoftwindows_ntMatch4.0server

microsoftwindows_ntMatch4.0terminal_server

microsoftwindows_ntMatch4.0terminal_server_alpha

microsoftwindows_ntMatch4.0workstation

microsoftwindows_ntMatch4.0sp1enterprise_server

microsoftwindows_ntMatch4.0sp1server

microsoftwindows_ntMatch4.0sp1terminal_server

microsoftwindows_ntMatch4.0sp1workstation

microsoftwindows_ntMatch4.0sp2enterprise_server

microsoftwindows_ntMatch4.0sp2server

microsoftwindows_ntMatch4.0sp2terminal_server

microsoftwindows_ntMatch4.0sp2workstation

microsoftwindows_ntMatch4.0sp3enterprise_server

microsoftwindows_ntMatch4.0sp3server

microsoftwindows_ntMatch4.0sp3terminal_server

microsoftwindows_ntMatch4.0sp3workstation

microsoftwindows_ntMatch4.0sp4enterprise_server

microsoftwindows_ntMatch4.0sp4server

microsoftwindows_ntMatch4.0sp4terminal_server

microsoftwindows_ntMatch4.0sp4workstation

microsoftwindows_ntMatch4.0sp5enterprise_server

microsoftwindows_ntMatch4.0sp5server

microsoftwindows_ntMatch4.0sp5terminal_server

microsoftwindows_ntMatch4.0sp5workstation

microsoftwindows_ntMatch4.0sp6enterprise_server

microsoftwindows_ntMatch4.0sp6server

microsoftwindows_ntMatch4.0sp6terminal_server

microsoftwindows_ntMatch4.0sp6workstation

microsoftwindows_ntMatch4.0sp6aenterprise_server

microsoftwindows_ntMatch4.0sp6aserver

microsoftwindows_ntMatch4.0sp6aterminal_server

microsoftwindows_ntMatch4.0sp6aworkstation

microsoftwindows_xp64-bit

microsoftwindows_xphome

microsoftwindows_xpgoldprofessional

microsoftwindows_xpsp164-bit

microsoftwindows_xpsp1home

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_ntmicrosoft windows nteq4.0
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_nt	microsoft windows nt	eq	4.0
microsoft:windows_xp	microsoft windows xp	eq	*

References

secunia.com/advisories/9225

securitytracker.com/id?1007154

www.kb.cert.org/vuls/id/337764

www.securityfocus.com/bid/8152

docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-024

exchange.xforce.ibmcloud.com/vulnerabilities/12544

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A118

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A146

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3391

8.1 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.301 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2003-0345

cvelist1 cert1 nessus1 nvd1