What is CVE-2003-0352?

CVE-2003-0352 is a vulnerability in N/a. Published 2003-07-17.

Is CVE-2003-0352 known to be exploited?

15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2003-0352

Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welc…

EPSS: 0.911 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

win-rpc-dcom-bo(12629) (vdb-entry, x_refsource_XF)
CA-2003-16 (x_refsource_CERT, third-party-advisory)
oval:org.mitre.oval:def:296 (signature, x_refsource_OVAL, vdb-entry)
8205 (vdb-entry, x_refsource_BID)
20030730 rpcdcom Universal offsets (mailing-list, x_refsource_FULLDISC)
20030725 The Analysis of LSD's Buffer Overrun in Windows RPC Interface(code revised ) (mailing-list, x_refsource_BUGTRAQ)
20030726 Re: The French BUGTRAQ (New Win RPC Exploit) (mailing-list, x_refsource_FULLDISC)
oval:org.mitre.oval:def:194 (signature, x_refsource_OVAL, vdb-entry)
VU#568148 (x_refsource_CERT-VN, third-party-advisory)
20030716 [LSD] Critical security vulnerability in Microsoft Operating Systems (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2003-0352?: CVE-2003-0352 is a vulnerability in N/a. Published 2003-07-17.
Is CVE-2003-0352 known to be exploited?: 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.