Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0010


Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0010
Last Modified 10 Sep 2008 03:17:22
Published 24 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2000 Terminal Services

  • Microsoft Windows 98

  • Microsoft Windows 98se

  • Microsoft Windows Me

  • Microsoft Windows Nt 4.0

  • Microsoft Windows Xp


BID - 7146

MS - MS03-008

BUGTRAQ - 20030319 iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine

VULNWATCH - 20030319 Windows Scripting Engine issue

IDEFENSE - 20030319 Heap Overflow in Windows Script Engine

Last Updated: 27 May 2016 10:37:45