Vulnerability Details : CVE-2003-0719
Public exploit exists!
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2003-0719
Probability of exploitation activity in the next 30 days: 95.57%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2003-0719
-
MS04-011 Microsoft Private Communications Transport Overflow
Disclosure Date: 2004-04-13First seen: 2020-04-26exploit/windows/ssl/ms04_011_pctThis module exploits a buffer overflow in the Microsoft Windows SSL PCT protocol stack. This code is based on Johnny Cyberpunk's THC release and has been tested against Windows 2000 and Windows XP. To use this module, specify the remote port of any SSL serv
CVSS scores for CVE-2003-0719
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2003-0719
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889
-
http://www.securityfocus.com/archive/1/361836
Patch;Vendor Advisory
-
http://xforce.iss.net/xforce/alerts/id/168
Patch;Vendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951
-
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
Page Not Found | CISAThird Party Advisory;US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093
-
http://www.kb.cert.org/vuls/id/586540
Patch;Third Party Advisory;US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
Microsoft Security Bulletin MS04-011 - Critical | Microsoft Learn
Products affected by CVE-2003-0719
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:netmeeting:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*