High

CVE-2003-0111 - Unspecified vulnerability in Microsoft Virtual Machine/Windows 2000/Windows 2000 Terminal Services

Publication: 2003-05-05
Summary

The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Microsoft Virtual Machine 3802
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Virtual Machine 3809
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Virtual Machine 3805
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Windows 2000 Terminal Services
  • Microsoft Windows 2000