CVE-2003-0715

2003-09-1704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2003

0715

dcom

buffer overflow

remote code execution

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.703 High

EPSS

Percentile

98.0%

JSON

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.

CPENameOperatorVersion
microsoft:windows_ntmicrosoft windows nteq4.0
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqweb
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise_64-bit
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqr2
microsoft:windows_2003_servermicrosoft windows 2003 servereqstandard

CPE	Name	Operator	Version
microsoft:windows_nt	microsoft windows nt	eq	4.0
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	web
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise_64-bit
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	r2
microsoft:windows_2003_server	microsoft windows 2003 server	eq	standard