CVE-2003-0010

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Nt; Windows 2000 Terminal Services; Windows Xp; Windows 2000
Vendor: CVE Published:; 24 March 2003

Summary

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

References

http://www.securityfocus.com/bid/7146

vdb-entryx_refsource_BID

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 24, 2003
Vulnerability Reserved
Jan 2, 2003

Collectors

NVD DatabaseMitre Database