CVE-2003-0111
7.5
CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Description
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Affected Software Configurations
- a microsoft virtual_machine 3802 * * * * * * *
- a microsoft virtual_machine 3805 * * * * * * *
- a microsoft virtual_machine 3809 * * * * * * *
- o microsoft windows_2000 * * * * * * * *
- o microsoft windows_2000 * sp1 * * * * * *
- o microsoft windows_2000 * sp2 * * * * * *
- o microsoft windows_2000 * sp3 * * * * * *
- o microsoft windows_2000_terminal_services * * * * * * * *
- o microsoft windows_2000_terminal_services * sp1 * * * * * *
- o microsoft windows_2000_terminal_services * sp2 * * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://www.iss.net/security_center/static/11751.php
- http://www.kb.cert.org/vuls/id/447569
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-011
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A136
- http://www.iss.net/security_center/static/11751.php
- http://www.kb.cert.org/vuls/id/447569
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-011
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A136