CVE-2003-0665

Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/9668
http://www.kb.cert.org/vuls/id/992132	US Government Resource
http://www.securityfocus.com/bid/8536
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-038

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:access:97:::::::*
	cpe:2.3:a:microsoft:access:2000:::::::*
	cpe:2.3:a:microsoft:access:2000:sp1::::::
	cpe:2.3:a:microsoft:access:2000:sp2::::::
	cpe:2.3:a:microsoft:access:2000:sp3::::::
	cpe:2.3:a:microsoft:access:2002:::::::*
	cpe:2.3:a:microsoft:access:2002:sp1::::::
	cpe:2.3:a:microsoft:access:2002:sp2::::::

History

No history.

Information

Published : 2003-10-20 04:00

Updated : 2024-02-04 16:31

NVD link : CVE-2003-0665

Mitre link : CVE-2003-0665

CVE.ORG link : CVE-2003-0665

JSON object : View

Products Affected

microsoft

access

CWE

NVD-CWE-Other

{"id": "CVE-2003-0665", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2003-10-20T04:00:00.000", "references": [{"url": "http://secunia.com/advisories/9668", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/992132", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/8536", "source": "cve@mitre.org"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-038", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control."}], "lastModified": "2018-10-12T21:32:57.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:access:97:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "561C0480-2B14-43E0-B187-06092D9A2D83"}, {"criteria": "cpe:2.3:a:microsoft:access:2000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90D7BA07-3BCA-41CF-B5D3-341E912650A2"}, {"criteria": "cpe:2.3:a:microsoft:access:2000:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0D4E612-C69D-43F8-8799-56081AFDE506"}, {"criteria": "cpe:2.3:a:microsoft:access:2000:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "511853E6-780A-4BA9-A611-D208A32F480D"}, {"criteria": "cpe:2.3:a:microsoft:access:2000:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9C3AF12-4033-4762-9833-17B98F32403A"}, {"criteria": "cpe:2.3:a:microsoft:access:2002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83DFFFF4-EA09-48C5-A600-A62C1A1A7360"}, {"criteria": "cpe:2.3:a:microsoft:access:2002:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1FC803B-68D8-45E2-8D52-A7C1FB3524DE"}, {"criteria": "cpe:2.3:a:microsoft:access:2002:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD7DDC24-6DFA-46AB-96D9-B4DDA663FCD2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}