CVE-2003-0665

Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.kb.cert.org/vuls/id/992132	US Government Resource
http://secunia.com/advisories/9668
http://www.securityfocus.com/bid/8536
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-038

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:access:2000:::::::*
	cpe:2.3:a:microsoft:access:97:::::::*
	cpe:2.3:a:microsoft:access:2000:sp3::::::
	cpe:2.3:a:microsoft:access:2002:::::::*
	cpe:2.3:a:microsoft:access:2000:sp1::::::
	cpe:2.3:a:microsoft:access:2000:sp2::::::
	cpe:2.3:a:microsoft:access:2002:sp1::::::
	cpe:2.3:a:microsoft:access:2002:sp2::::::

Information

Published : 2003-10-19 21:00

Updated : 2018-10-12 14:32

NVD link : CVE-2003-0665

Mitre link : CVE-2003-0665

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

microsoft

access

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.kb.cert.org/vuls/id/992132", "name": "VU#992132", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://secunia.com/advisories/9668", "name": "9668", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/8536", "name": "8536", "tags": [], "refsource": "BID"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-038", "name": "MS03-038", "tags": [], "refsource": "MS"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2003-0665", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2003-10-20T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:access:2000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:access:97:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:access:2000:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:access:2002:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:access:2000:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:access:2000:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:access:2002:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:access:2002:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-12T21:32Z"}