Vulnerability Description
Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 Terminal Services | - |
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Nt | 4.0 |
| Microsoft | Windows Xp | All versions |
References
- http://marc.info/?l=bugtraq&m=104394414713415&w=2Third Party Advisory
- http://marc.info/?l=ntbugtraq&m=104393588232166&w=2Third Party Advisory
- http://www.cert.org/advisories/CA-2003-03.htmlPatchThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/610986PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/6666Third Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11132Third Party AdvisoryVDB Entry
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- http://marc.info/?l=bugtraq&m=104394414713415&w=2Third Party Advisory
- http://marc.info/?l=ntbugtraq&m=104393588232166&w=2Third Party Advisory
- http://www.cert.org/advisories/CA-2003-03.htmlPatchThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/610986PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/6666Third Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11132Third Party AdvisoryVDB Entry
FAQ
What is CVE-2003-0003?
CVE-2003-0003 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC ca...
How severe is CVE-2003-0003?
CVE-2003-0003 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0003?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000 Terminal Services, Microsoft Windows 2000, Microsoft Windows Nt, Microsoft Windows Xp.