CVE-2003-0813

Description

A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.

Related CPE's

Could not find any relations

References

VU#547820

PatchThird Party AdvisoryUS Government Resource

20031014 Microsoft RPC Race Condition Denial of Service

PatchVendor Advisory

20031010 Re : [VERY] BAD news on RPC DCOM Exploit

20031010 Re: Bad news on RPC DCOM vulnerability

http://www.securitylab.ru/_exploits/rpc2.c.txt

20031011 Bad news on RPC DCOM2 vulnerability

TA04-104A

US Government Resource

8811

20031010 Bad news on RPC DCOM vulnerability

20031011 RE: Bad news on RPC DCOM vulnerability

20031010 Bad news on RPC DCOM vulnerability

oval:org.mitre.oval:def:900

oval:org.mitre.oval:def:894

oval:org.mitre.oval:def:893

MS04-012

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:H/Au:N/C:P/I:P/A:P
AccessVector	NETWORK
AccessComplexity	HIGH
Authentication	NONE
ConfidentialityImpact	PARTIAL
IntegrityImpact	PARTIAL
AvailabilityImpact	PARTIAL
BaseScore	5.099999904632568

Created by Yello

About Severity.io