Vulnerability Details CVE-2003-0349
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.882
EPSS Ranking 99.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=105665030925504&w=2
- http://secunia.com/advisories/9115
- http://securitytracker.com/id?1007059
- http://www.kb.cert.org/vuls/id/113716
- http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0306&L=NTBUGTRAQ&P=R4563
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-022
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A938
- http://marc.info/?l=bugtraq&m=105665030925504&w=2
- http://secunia.com/advisories/9115
- http://securitytracker.com/id?1007059
- http://www.kb.cert.org/vuls/id/113716
- http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0306&L=NTBUGTRAQ&P=R4563
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-022
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A938
Products affected by CVE-2003-0349
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2000:beta3