CVE-2003-0719
Summary
| CVE | CVE-2003-0719 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-06-01 04:00:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. |
Risk And Classification
Primary CVSS: v2.0 7.5 from [email protected]
AV:N/AC:L/Au:N/C:P/I:P/A:P
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Netmeeting | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | fr |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | All | All |
| Operating System | Microsoft | Windows 98 | All | gold | All | All |
| Operating System | Microsoft | Windows Me | All | All | All | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6a | All | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | tablet_pc | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| US-CERT Technical Cyber Security Alert TA04-104A -- Multiple Vulnerabilities in Microsoft Products | af854a3a-2127-422b-91ae-364da2661108 | www.us-cert.gov | Third Party Advisory, US Government Resource |
| US-CERT Vulnerability Note VU#586540 | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | Patch, Third Party Advisory, US Government Resource |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Patch, Vendor Advisory |
| Microsoft Security Bulletin MS04-011 - Critical | Microsoft Docs | af854a3a-2127-422b-91ae-364da2661108 | docs.microsoft.com | |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| xforce.iss.net/xforce/alerts/id/168 | af854a3a-2127-422b-91ae-364da2661108 | xforce.iss.net | Patch, Vendor Advisory |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.