CVE-2003-0825
7.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.967 High
EPSS
Percentile
99.6%
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.
References
www.ciac.org/ciac/bulletins/o-077.shtml
www.kb.cert.org/vuls/id/445214
www.osvdb.org/3903
www.securityfocus.com/bid/9624
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-006
exchange.xforce.ibmcloud.com/vulnerabilities/15037
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A704
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A800
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A801
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A802
Related
7.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.967 High
EPSS
Percentile
99.6%