{"api_version":"1","generated_at":"2026-07-10T04:21:14+00:00","cve":"CVE-2003-0719","urls":{"html":"https://cve.report/CVE-2003-0719","api":"https://cve.report/api/cve/CVE-2003-0719.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2003-0719","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2003-0719"},"summary":{"title":"CVE-2003-0719","description":"Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-06-01 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.us-cert.gov/cas/techalerts/TA04-104A.html","name":"http://www.us-cert.gov/cas/techalerts/TA04-104A.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"],"title":"US-CERT Technical Cyber Security Alert TA04-104A -- Multiple Vulnerabilities in Microsoft Products","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kb.cert.org/vuls/id/586540","name":"http://www.kb.cert.org/vuls/id/586540","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"],"title":"US-CERT Vulnerability Note VU#586540","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/361836","name":"http://www.securityfocus.com/archive/1/361836","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011","name":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Microsoft Security Bulletin MS04-011 - Critical | Microsoft Docs","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://xforce.iss.net/xforce/alerts/id/168","name":"http://xforce.iss.net/xforce/alerts/id/168","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2003-0719","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2003-0719","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"netmeeting","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_2000","cpe6":"*","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_2000","cpe6":"*","cpe7":"sp4","cpe8":"*","cpe9":"fr","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_2003_server","cpe6":"r2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_98","cpe6":"*","cpe7":"gold","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_me","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_nt","cpe6":"4.0","cpe7":"sp6a","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"719","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_xp","cpe6":"*","cpe7":"sp1","cpe8":"tablet_pc","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T02:05:12.390Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"oval:org.mitre.oval:def:1093","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093"},{"name":"20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719)","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/361836"},{"name":"MS04-011","tags":["vendor-advisory","x_refsource_MS","x_transferred"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011"},{"name":"VU#586540","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/586540"},{"name":"TA04-104A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"http://www.us-cert.gov/cas/techalerts/TA04-104A.html"},{"name":"20040413 Microsoft SSL Library Remote Compromise Vulnerability","tags":["third-party-advisory","x_refsource_ISS","x_transferred"],"url":"http://xforce.iss.net/xforce/alerts/id/168"},{"name":"oval:org.mitre.oval:def:889","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889"},{"name":"oval:org.mitre.oval:def:903","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903"},{"name":"oval:org.mitre.oval:def:951","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-04-13T00:00:00.000Z","descriptions":[{"lang":"en","value":"Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-12T19:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"oval:org.mitre.oval:def:1093","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093"},{"name":"20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719)","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/361836"},{"name":"MS04-011","tags":["vendor-advisory","x_refsource_MS"],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011"},{"name":"VU#586540","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/586540"},{"name":"TA04-104A","tags":["third-party-advisory","x_refsource_CERT"],"url":"http://www.us-cert.gov/cas/techalerts/TA04-104A.html"},{"name":"20040413 Microsoft SSL Library Remote Compromise Vulnerability","tags":["third-party-advisory","x_refsource_ISS"],"url":"http://xforce.iss.net/xforce/alerts/id/168"},{"name":"oval:org.mitre.oval:def:889","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889"},{"name":"oval:org.mitre.oval:def:903","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903"},{"name":"oval:org.mitre.oval:def:951","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2003-0719","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"oval:org.mitre.oval:def:1093","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093"},{"name":"20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719)","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/361836"},{"name":"MS04-011","refsource":"MS","url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011"},{"name":"VU#586540","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/586540"},{"name":"TA04-104A","refsource":"CERT","url":"http://www.us-cert.gov/cas/techalerts/TA04-104A.html"},{"name":"20040413 Microsoft SSL Library Remote Compromise Vulnerability","refsource":"ISS","url":"http://xforce.iss.net/xforce/alerts/id/168"},{"name":"oval:org.mitre.oval:def:889","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889"},{"name":"oval:org.mitre.oval:def:903","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903"},{"name":"oval:org.mitre.oval:def:951","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2003-0719","datePublished":"2004-04-16T04:00:00.000Z","dateReserved":"2003-09-02T00:00:00.000Z","dateUpdated":"2024-08-08T02:05:12.390Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-06-01 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:netmeeting:*:*:*:*:*:*:*:*","matchCriteriaId":"C85E1F3F-1839-4EB9-BF31-E29194F596CA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*","matchCriteriaId":"4E8B7346-F2AA-434C-A048-7463EC1BB117"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*","matchCriteriaId":"330B6798-5380-44AD-9B52-DF5955FA832C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*","matchCriteriaId":"4E7FD818-322D-4089-A644-360C33943D29"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*","matchCriteriaId":"2D3B703C-79B2-4FA2-9E12-713AB977A880"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*","matchCriteriaId":"799DA395-C7F8-477C-8BC7-5B4B88FB7503"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*","matchCriteriaId":"14F55877-A759-4C8A-84D5-70508E449799"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*","matchCriteriaId":"B9687E6C-EDE9-42E4-93D0-C4144FEC917A"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2003","CveId":"719","Ordinal":"1","Title":"CVE-2003-0719","CVE":"CVE-2003-0719","Year":"2003"},"notes":[{"CveYear":"2003","CveId":"719","Ordinal":"1","NoteData":"Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.","Type":"Description","Title":"CVE-2003-0719"},{"CveYear":"2003","CveId":"719","Ordinal":"2","NoteData":"2004-04-16","Type":"Other","Title":"Published"},{"CveYear":"2003","CveId":"719","Ordinal":"3","NoteData":"2018-10-12","Type":"Other","Title":"Modified"}]}}}