CVE-2003-0719: Buffer Overflow
First published: Fri Apr 16 2004(Updated: )
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft NetMeeting | ||
| Microsoft Windows 2000 | =sp2 | |
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows Server 2003 | =r2 | |
| Microsoft Windows | ||
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows 9x | =gold |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://xforce.iss.net/xforce/alerts/id/168
- http://www.securityfocus.com/archive/1/361836
- http://www.us-cert.gov/cas/techalerts/TA04-104A.html
- http://www.kb.cert.org/vuls/id/586540
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
Frequently Asked Questions
What is the severity of CVE-2003-0719?
CVE-2003-0719 is considered critical due to its potential to allow remote attackers to execute arbitrary code.
How do I fix CVE-2003-0719?
To fix CVE-2003-0719, ensure that you apply the relevant patches provided by Microsoft for affected products.
What software versions are affected by CVE-2003-0719?
CVE-2003-0719 affects Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Windows 2003 Server, and older versions such as Windows 98 and Me.
Can CVE-2003-0719 be exploited remotely?
Yes, CVE-2003-0719 can be exploited remotely, allowing attackers to execute malicious code on vulnerable systems.
Is there a workaround for CVE-2003-0719?
While the best solution is to apply patches, disabling the PCT protocol in affected applications can serve as a temporary workaround.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/references
- agent/remedy
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft netmeeting
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp2
- canonical/microsoft windows xp
- version/microsoft windows xp/sp1
- canonical/microsoft windows nt
- version/microsoft windows nt/4.0-sp6a
- canonical/microsoft windows server 2003
- version/microsoft windows server 2003/r2
- canonical/microsoft windows
- version/microsoft windows 2000/sp4
- canonical/microsoft windows 9x
- version/microsoft windows 9x/gold