CVE-2003-0528 Information

Description

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0100.html http://marc.info/?l=bugtraq&m=106407417011430&w=2 http://www.cert.org/advisories/CA-2003-23.html http://www.kb.cert.org/vuls/id/254236 http://www.nsfocus.com/english/homepage/research/0306.htm https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A127 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2884 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2968 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A3966