High

CVE-2003-0109 - Unspecified vulnerability in Microsoft Windows 2000 Terminal Services

Publication: 2003-03-31
Summary

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Microsoft Windows 2000
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Windows 2000