Vulnerability Description
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Virtual Machine | 3802 |
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows 2000 Terminal Services | All versions |
References
- http://www.iss.net/security_center/static/11751.phpPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/447569PatchThird Party AdvisoryUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-01
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.iss.net/security_center/static/11751.phpPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/447569PatchThird Party AdvisoryUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-01
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2003-0111?
CVE-2003-0111 is a vulnerability with a CVSS score of 7.5 (HIGH). The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute ar...
How severe is CVE-2003-0111?
CVE-2003-0111 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0111?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Virtual Machine, Microsoft Windows 2000, Microsoft Windows 2000 Terminal Services.