Summary
A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could cause the Messenger Service to fail.
Disabling the Messenger Service will prevent the possibility of attack.
This plugin determined by reading the remote registry that the patch MS03-043 has not been applied.
Solution
see http://www.microsoft.com/technet/security/bulletin/ms03-043.mspx
Severity
Classification
-
CVE CVE-2003-0717 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft DirectShow Remote Code Execution Vulnerability (2929961)
- Cumulative Patch for Internet Information Services (Q327696)
- Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
- Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2514842)
- Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)