Buffer Overflow in Microsoft Windows NTDLL.DLL on Multiple Versions
CVE-2003-0109

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000 Terminal Services; Windows 2000
Vendor: CVE Published:; 31 March 2003

Summary

A buffer overflow vulnerability exists in the NTDLL.DLL component of Microsoft Windows, including versions NT 4.0, NT 4.0 Terminal Server Edition, 2000, and XP. This issue allows remote attackers to execute arbitrary code on affected systems. The vulnerability is exploited via specially crafted WebDAV requests sent to IIS 5.0, potentially leading to unauthorized access and control over the machine. It is critical for users of affected versions to apply security patches and adhere to best practices for server configuration to mitigate risks associated with this vulnerability.

References

http://marc.info/?l=bugtraq&m=104869293619064&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=104826476427372&w=2

mailing-listx_refsource_BUGTRAQ

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

89% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 31, 2003
Vulnerability Reserved
Feb 26, 2003