7.5

CVE-2003-0010

EPSS 26.25%
Published 24.03.2003 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000

Microsoft ≫ Windows 2000 Updatesp1

Microsoft ≫ Windows 2000 Updatesp2

Microsoft ≫ Windows 2000 Updatesp3

Microsoft ≫ Windows 2000 Terminal Services

Microsoft ≫ Windows 2000 Terminal Services Updatesp1

Microsoft ≫ Windows 2000 Terminal Services Updatesp2

Microsoft ≫ Windows 2000 Terminal Services Updatesp3

Microsoft ≫ Windows 98 Updategold

Microsoft ≫ Windows 98se

Microsoft ≫ Windows Me

Microsoft ≫ Windows Nt Version4.0 Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Editionserver

Microsoft ≫ Windows Nt Version4.0 Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Editionworkstation

Microsoft ≫ Windows Nt Version4.0 Updatesp1 Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Updatesp1 Editionserver

Microsoft ≫ Windows Nt Version4.0 Updatesp1 Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Updatesp1 Editionworkstation

Microsoft ≫ Windows Nt Version4.0 Updatesp2 Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Updatesp2 Editionserver

Microsoft ≫ Windows Nt Version4.0 Updatesp2 Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Updatesp2 Editionworkstation

Microsoft ≫ Windows Nt Version4.0 Updatesp3 Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Updatesp3 Editionserver

Microsoft ≫ Windows Nt Version4.0 Updatesp3 Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Updatesp3 Editionworkstation

Microsoft ≫ Windows Nt Version4.0 Updatesp4 Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Updatesp4 Editionserver

Microsoft ≫ Windows Nt Version4.0 Updatesp4 Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Updatesp4 Editionworkstation

Microsoft ≫ Windows Nt Version4.0 Updatesp5 Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Updatesp5 Editionserver

Microsoft ≫ Windows Nt Version4.0 Updatesp5 Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Updatesp5 Editionworkstation

Microsoft ≫ Windows Nt Version4.0 Updatesp6 Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Updatesp6 Editionserver

Microsoft ≫ Windows Nt Version4.0 Updatesp6 Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Updatesp6 Editionworkstation

Microsoft ≫ Windows Nt Version4.0 Updatesp6a Editionenterprise_server

Microsoft ≫ Windows Nt Version4.0 Updatesp6a Editionserver

Microsoft ≫ Windows Nt Version4.0 Updatesp6a Editionterminal_server

Microsoft ≫ Windows Nt Version4.0 Updatesp6a Editionworkstation

Microsoft ≫ Windows Xp Editionhome

Microsoft ≫ Windows Xp Updategold Editionprofessional

Microsoft ≫ Windows Xp Updatesp1 Editionhome

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	26.25%	0.962

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0139.html

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=26

http://marc.info/?l=bugtraq&m=104812108307645&w=2

http://www.securityfocus.com/bid/7146

Patch

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-008

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A134

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A200

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A794

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A795

https://nvd.nist.gov/vuln/detail/CVE-2003-0010

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0010

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0010

EUVD