Vulnerability Details CVE-2003-0507
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.448
EPSS Ranking 97.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=105716669921775&w=2
- http://secunia.com/advisories/9171
- http://support.microsoft.com/default.aspx?kbid=319709
- http://www.kb.cert.org/vuls/id/594108
- http://www.securityfocus.com/bid/7930
- http://marc.info/?l=bugtraq&m=105716669921775&w=2
- http://secunia.com/advisories/9171
- http://support.microsoft.com/default.aspx?kbid=319709
- http://www.kb.cert.org/vuls/id/594108
- http://www.securityfocus.com/bid/7930
Products affected by CVE-2003-0507
-
cpe:2.3:o:microsoft:windows_2000:-