Lucene search

[email protected]CVE-2003-0646

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0646

2003-08-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0646

buffer overflow

activex

trend micro

housecall

damage cleanup server

remote code execution

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.8%

JSON

Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.

CPENameOperatorVersion
trend_micro:housecalltrend micro housecalleq5.5
trend_micro:housecalltrend micro housecalleq5.7
trend_micro:damage_cleanup_servertrend micro damage cleanup servereq1.0

CPE	Name	Operator	Version
trend_micro:housecall	trend micro housecall	eq	5.5
trend_micro:housecall	trend micro housecall	eq	5.7
trend_micro:damage_cleanup_server	trend micro damage cleanup server	eq	1.0

References

kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=15274

lists.grok.org.uk/pipermail/full-disclosure/2003-July/006488.html

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.8%

JSON

Related for CVE-2003-0646

kaspersky1