Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2003-0010
HistoryMar 24, 2003 - 5:00 a.m.

CVE-2003-0010

2003-03-2405:00:00
[email protected]
web.nvd.nist.gov
36
cve-2003-0010
integer overflow
jsarrayfunctionheapsort
windows script engine
jscript.dll
remote code execution
security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.102 Low

EPSS

Percentile

95.0%

JSON

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

Affected configurations

NVD
Node
microsoftwindows_2000
OR
microsoftwindows_2000sp1
OR
microsoftwindows_2000sp2
OR
microsoftwindows_2000sp3
OR
microsoftwindows_2000_terminal_services
OR
microsoftwindows_2000_terminal_servicessp1
OR
microsoftwindows_2000_terminal_servicessp2
OR
microsoftwindows_2000_terminal_servicessp3
OR
microsoftwindows_98gold
OR
microsoftwindows_98se
OR
microsoftwindows_me
OR
microsoftwindows_ntMatch4.0enterprise_server
OR
microsoftwindows_ntMatch4.0server
OR
microsoftwindows_ntMatch4.0terminal_server
OR
microsoftwindows_ntMatch4.0workstation
OR
microsoftwindows_ntMatch4.0sp1enterprise_server
OR
microsoftwindows_ntMatch4.0sp1server
OR
microsoftwindows_ntMatch4.0sp1terminal_server
OR
microsoftwindows_ntMatch4.0sp1workstation
OR
microsoftwindows_ntMatch4.0sp2enterprise_server
OR
microsoftwindows_ntMatch4.0sp2server
OR
microsoftwindows_ntMatch4.0sp2terminal_server
OR
microsoftwindows_ntMatch4.0sp2workstation
OR
microsoftwindows_ntMatch4.0sp3enterprise_server
OR
microsoftwindows_ntMatch4.0sp3server
OR
microsoftwindows_ntMatch4.0sp3terminal_server
OR
microsoftwindows_ntMatch4.0sp3workstation
OR
microsoftwindows_ntMatch4.0sp4enterprise_server
OR
microsoftwindows_ntMatch4.0sp4server
OR
microsoftwindows_ntMatch4.0sp4terminal_server
OR
microsoftwindows_ntMatch4.0sp4workstation
OR
microsoftwindows_ntMatch4.0sp5enterprise_server
OR
microsoftwindows_ntMatch4.0sp5server
OR
microsoftwindows_ntMatch4.0sp5terminal_server
OR
microsoftwindows_ntMatch4.0sp5workstation
OR
microsoftwindows_ntMatch4.0sp6enterprise_server
OR
microsoftwindows_ntMatch4.0sp6server
OR
microsoftwindows_ntMatch4.0sp6terminal_server
OR
microsoftwindows_ntMatch4.0sp6workstation
OR
microsoftwindows_ntMatch4.0sp6aenterprise_server
OR
microsoftwindows_ntMatch4.0sp6aserver
OR
microsoftwindows_ntMatch4.0sp6aterminal_server
OR
microsoftwindows_ntMatch4.0sp6aworkstation
OR
microsoftwindows_xphome
OR
microsoftwindows_xpgoldprofessional
OR
microsoftwindows_xpsp1home

Related

nessus 1
securityvulns 1
nvd 1
cvelist 1
nessus
nessus
MS03-008: Flaw in Windows Script Engine (814078)
2003-03-20 00:00:00
securityvulns
securityvulns
iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine
2003-03-20 00:00:00
nvd
nvd
CVE-2003-0010
2003-03-24 05:00:00
cvelist
cvelist
CVE-2003-0010
2003-03-21 05:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.102 Low

EPSS

Percentile

95.0%

JSON
Related for CVE-2003-0010
nessus1securityvulns1nvd1cvelist1