CVE-2003-0227

The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=105427615626177&w=2	Issue Tracking Third Party Advisory
http://marc.info/?l=ntbugtraq&m=105421127531558&w=2	Issue Tracking Third Party Advisory
http://marc.info/?l=ntbugtraq&m=105421176432011&w=2	Issue Tracking Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-019	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A936	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A966	Third Party Advisory
http://marc.info/?l=bugtraq&m=105427615626177&w=2	Issue Tracking Third Party Advisory
http://marc.info/?l=ntbugtraq&m=105421127531558&w=2	Issue Tracking Third Party Advisory
http://marc.info/?l=ntbugtraq&m=105421176432011&w=2	Issue Tracking Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-019	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A936	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A966	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_2000:-:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:::::::*

History

No history.

Information

Published : 2003-06-09 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2003-0227

Mitre link : CVE-2003-0227

CVE.ORG link : CVE-2003-0227

JSON object : View

Products Affected

microsoft

windows_nt
windows_2000

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2003-0227", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-06-09T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=105427615626177&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=ntbugtraq&m=105421127531558&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=ntbugtraq&m=105421176432011&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-019", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A936", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A966", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=105427615626177&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=ntbugtraq&m=105421127531558&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=ntbugtraq&m=105421176432011&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-019", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A936", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A966", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request."}, {"lang": "es", "value": "La librer\u00eda nsisslog.dll de la extensi\u00f3n ISAPI de Microsoft Winodws Media Services en Windows NT 4.0 y 2000 permite que atacante remotos provoquen una denegaci\u00f3n de servicio en el Internet Information Server (IIS) mediante una cierta petici\u00f3n de red."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "685F1981-EA61-4A00-89F8-A748A88962F8"}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}