Summary
The remote host is vulnerable to a flaw in ntdll.dll which may allow an attacker to gain system privileges, by exploiting it thru, for instance, WebDAV in IIS5.0 (other services could be exploited, locally and/or remotely)
Note : Microsoft recommends (quoted from advisory) that:
If you have not already applied the MS03-007 patch from this bulletin, Microsoft recommends you apply the MS03-013 patch as it also corrects an additional vulnerability.
Solution
see http://www.microsoft.com/technet/security/bulletin/ms03-007.mspx or http://www.microsoft.com/technet/security/bulletin/MS03-013.mspx
Severity
Classification
-
CVE CVE-2003-0109 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft Excel Remote Code Execution Vulnerability (956416)
- Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132)
- Cumulative Security Update for Internet Explorer (969897)
- Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)
- Microsoft .NET Framework Remote Code Execution Vulnerability (3000414)