Buffer Overflow in Microsoft SSL Library Affects Multiple Windows Versions
CVE-2003-0719

Currently unrated

Key Information:

Vendor: Microsoft
Status: Netmeeting
Vendor: CVE Published:; 1 June 2004

Summary

A buffer overflow vulnerability exists in the Private Communications Transport (PCT) protocol implementation within the Microsoft SSL library. This flaw affects various versions of Microsoft Windows, including NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, as well as NetMeeting, Windows 98, and Windows ME. Attackers can exploit this vulnerability by sending specially crafted PCT 1.0 handshake packets, potentially allowing them to execute arbitrary code on the affected systems. Organizations using these affected products should take appropriate precautions and apply necessary updates to mitigate the risks associated with this vulnerability.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securityfocus.com/archive/1/361836

mailing-listx_refsource_BUGTRAQ

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

76% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 1, 2004
Vulnerability Reserved
Sep 2, 2003