Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0010

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0010
Last Modified 10 Sep 2008 03:17:22
Published 24 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0010

Summary

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2000 Terminal Services

  • Microsoft Windows 98

  • Microsoft Windows 98se

  • Microsoft Windows Me

  • Microsoft Windows Nt 4.0

  • Microsoft Windows Xp


References

BID - 7146

MS - MS03-008

BUGTRAQ - 20030319 iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine

VULNWATCH - 20030319 Windows Scripting Engine issue

IDEFENSE - 20030319 Heap Overflow in Windows Script Engine


Last Updated: 27 May 2016 10:37:45