[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2003-0010Date: (C)2003-03-24   (M)2023-12-22


Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=26
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0139.html
http://marc.info/?l=bugtraq&m=104812108307645&w=2
BID-7146
MS03-008

CPE    41
cpe:/o:microsoft:windows_nt:4.0:sp6:server
cpe:/o:microsoft:windows_nt:4.0:sp4:server
cpe:/o:microsoft:windows_nt:4.0:sp5:server
cpe:/o:microsoft:windows_nt:4.0:sp3:server
...
OVAL    4
oval:org.mitre.oval:def:134
oval:org.mitre.oval:def:200
oval:org.mitre.oval:def:794
oval:org.mitre.oval:def:795
...

© SecPod Technologies