Lucene search

[email protected]NVD:CVE-2003-0346

HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0346

2003-08-2704:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.29 Low

EPSS

Percentile

96.9%

JSON

Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow.

Affected configurations

NVD

Node

microsoftdirectxMatch5.2

microsoftdirectxMatch6.1

microsoftdirectxMatch7.0

microsoftdirectxMatch7.0a

microsoftdirectxMatch8.1

microsoftdirectxMatch9.0a

References

marc.info/?l=bugtraq&m=105899759824008&w=2

www.cert.org/advisories/CA-2003-18.html

www.kb.cert.org/vuls/id/265232

www.kb.cert.org/vuls/id/561284

docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-030

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1095

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1104

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A218

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.29 Low

EPSS

Percentile

96.9%

JSON

Related for NVD:CVE-2003-0346

cve1 securityvulns2 cvelist1 cert2 nessus1