Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2003-0659

Published: 17/11/2003 Updated: 30/04/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 730
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Windows 2003 Server

Vulnerability Summary

Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 2003 server r2

microsoft windows nt 4.0

microsoft windows xp

microsoft windows 2000

microsoft windows 2003 server standard

microsoft windows 2003 server web

microsoft windows 2003 server enterprise

microsoft windows 2003 server enterprise_64-bit

Exploits

Exploit DB: Microsoft ListBox/ComboBox Control - 'User32.dll' Buffer Overrun
source: wwwsecurityfocuscom/bid/8827/info Microsoft has reported the existence of a local buffer overrun vulnerability in an undisclosed User32dll library function This function is used by applications implementing the use of ListBox or ComboBox controls and will be triggered when the program encounters specific types of Windows message ...
Exploit DB: Microsoft Windows - ListBox/ComboBox Control Local (MS03-045)
/* \ local ListBox/ComboBox exploit for Win32 / \ Created by xCrZx crazy_einstein yahoo com /111103/ / \ Usage: MS03-045exe <-t target> [-r return address] / \ there is two targets: CB_DIR (for ComboBox), LB_DIR (for ListBox) / \ As to return address it should be such as 0x0000XXYY / (and you should know that this address will be transf ...

References

NVD-CWE-Otherhttp://www.kb.cert.org/vuls/id/967668http://www.securityfocus.com/bid/8827http://www.cert.org/advisories/CA-2003-27.htmlhttp://marc.info/?l=bugtraq&m=106631999907035&w=2http://marc.info/?l=ntbugtraq&m=106632111408343&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/13424https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A340https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A201https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-045https://nvd.nist.govhttps://www.exploit-db.com/exploits/23255/https://www.kb.cert.org/vuls/id/967668
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook