Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
Published 2003-08-18 04:00:00
Updated 2019-04-30 14:27:14
Source MITRE
View at NVD,   CVE.org
Vulnerability category: OverflowExecute code

Products affected by CVE-2003-0352

Exploit prediction scoring system (EPSS) score for CVE-2003-0352

95.99%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2003-0352

  • MS03-026 Microsoft RPC DCOM Interface Overflow
    Disclosure Date: 2003-07-16
    First seen: 2020-04-26
    exploit/windows/dcerpc/ms03_026_dcom
    This module exploits a stack buffer overflow in the RPCSS service, this vulnerability was originally found by the Last Stage of Delirium research group and has been widely exploited ever since. This module can exploit the English versions of Windows NT 4.0 SP

CVSS scores for CVE-2003-0352

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.5
HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
NIST
Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!