Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0659

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-0659
Last Modified 10 Sep 2008 03:20:03
Published 17 Nov 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0659

Summary

Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server Enterprise

  • Microsoft Windows 2003 Server Enterprise 64-bit

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Standard

  • Microsoft Windows 2003 Server Web

  • Microsoft Windows Nt 4.0

  • Microsoft Windows Xp


References

CERT-VN - VU#967668

CERT - CA-2003-27

BID - 8827

MS - MS03-045

NTBUGTRAQ - 20031016 Listbox And Combobox Control Buffer Overflow

XF - win-user32-control-bo(13424)


Last Updated: 27 May 2016 10:38:00