Microsoft : Security vulnerabilities, CVEs published in September 2003

Copy

CVE-2003-0768

Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.

Max CVSS

6.8

EPSS Score

95.10%

Published

2003-09-22

Updated

2016-10-18

CVE-2003-0715

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.

Max CVSS

10.0

EPSS Score

70.33%

Published

2003-09-17

Updated

2019-04-30

CVE-2003-0528

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.

Max CVSS

10.0

EPSS Score

69.64%

Published

2003-09-17

Updated

2019-04-30

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!