Vulnerability CVE-2003-0819


Published: 2004-02-17   Modified: 2012-02-12

Description:
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Microsoft -> Proxy server 

 References:
http://www.cert.org/advisories/CA-2004-01.html
http://www.kb.cert.org/vuls/id/749342
http://www.securityfocus.com/bid/9406
http://www.securityfocus.com/bid/9408
http://www.securitytracker.com/id?1008698
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478

Copyright 2021, cxsecurity.com

 

Back to Top