Sign-up

ID

VAR-200312-0216


CVE

CVE-2003-0824


TITLE

Microsoft FrontPage Server Extensions contains denial of service vulnerability in the SmartHTML interpreter

Trust: 0.8

sources: CERT/CC: VU#179012

DESCRIPTION

Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. This issue could be exploited to deny availability of CPU resources on the system, potentially causing a denial of service condition

Trust: 3.33

sources: NVD: CVE-2003-0824 // CERT/CC: VU#179012 // CERT/CC: VU#279156 // JVNDB: JVNDB-2003-000340 // BID: 9008

AFFECTED PRODUCTS

vendor:microsoftmodel:sharepoint team servicesscope:eqversion:2002

Trust: 1.9

vendor:microsoftmodel:frontpage server extensionsscope:eqversion:2000

Trust: 1.9

vendor:microsoftmodel: - scope: - version: -

Trust: 1.6

vendor:microsoftmodel:frontpage server extensionsscope:eqversion:2002

Trust: 1.3

vendor:microsoftmodel:windows xpscope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:windows 2000scope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:iisscope:eqversion:4.0

Trust: 0.8

vendor:microsoftmodel:iisscope:eqversion:5.0

Trust: 0.8

vendor:microsoftmodel:iisscope:eqversion:5.1

Trust: 0.8

vendor:microsoftmodel:windows 2000scope:eqversion:sp3

Trust: 0.6

vendor:microsoftmodel:windows xpscope:eqversion:sp1

Trust: 0.6

vendor:microsoftmodel:windows xpscope:eqversion:gold

Trust: 0.6

vendor:microsoftmodel:windows 2000scope:eqversion:sp2

Trust: 0.6

vendor:microsoftmodel:windows xp professional sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp home sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit edition sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp2scope:eqversion:2000

Trust: 0.3

sources: CERT/CC: VU#179012 // CERT/CC: VU#279156 // BID: 9008 // JVNDB: JVNDB-2003-000340 // CNNVD: CNNVD-200312-053 // NVD: CVE-2003-0824

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2003-0824
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#179012
value: 3.09

Trust: 0.8

CARNEGIE MELLON: VU#279156
value: 52.31

Trust: 0.8

NVD: CVE-2003-0824
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200312-053
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2003-0824
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: CERT/CC: VU#179012 // CERT/CC: VU#279156 // JVNDB: JVNDB-2003-000340 // CNNVD: CNNVD-200312-053 // NVD: CVE-2003-0824

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0824

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200312-053

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200312-053

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2003-000340

PATCH
title:MS03-051url:http://www.microsoft.com/technet/security/bulletin/MS03-051.mspx
Trust: 0.8
title:MS03-051url:http://www.microsoft.com/japan/technet/security/bulletin/MS03-051.mspx
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2003-000340

EXTERNAL IDS
db:SECUNIAid:10195
Trust: 3.2
db:CERT/CCid:VU#179012
Trust: 3.2
db:NVDid:CVE-2003-0824
Trust: 2.7
db:BIDid:9008
Trust: 1.1
db:CERT/CCid:VU#279156
Trust: 0.8
db:JVNDBid:JVNDB-2003-000340
Trust: 0.8
db:CNNVDid:CNNVD-200312-053
Trust: 0.6
sources:
            
            
            CERT/CC: VU#179012 // 
            
            
            
            CERT/CC: VU#279156 // 
            
            
            
            BID: 9008 // 
            
            
            
            JVNDB: JVNDB-2003-000340 // 
            
            
            
            CNNVD: CNNVD-200312-053 // 
            
            
            
            NVD: CVE-2003-0824

REFERENCES
url:http://www.kb.cert.org/vuls/id/179012
Trust: 2.4
url:http://www.microsoft.com/technet/security/bulletin/ms03-051.asp
Trust: 1.6
url:http://www.secunia.com/advisories/10195/
Trust: 1.6
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a591
Trust: 1.6
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a606
Trust: 1.6
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a308
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/13680
Trust: 1.6
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a625
Trust: 1.6
url:http://secunia.com/advisories/10195
Trust: 1.6
url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051
Trust: 1.6
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a762
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0824
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0824
Trust: 0.8
url:http://www.securityfocus.com/bid/9008
Trust: 0.8
url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-051.asp
Trust: 0.3
sources:
            
            
            CERT/CC: VU#179012 // 
            
            
            
            CERT/CC: VU#279156 // 
            
            
            
            BID: 9008 // 
            
            
            
            JVNDB: JVNDB-2003-000340 // 
            
            
            
            CNNVD: CNNVD-200312-053 // 
            
            
            
            NVD: CVE-2003-0824

CREDITS
Microsoft Security Team※ secure@microsoft.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200312-053

SOURCES
db:CERT/CCid:VU#179012
db:CERT/CCid:VU#279156
db:BIDid:9008
db:JVNDBid:JVNDB-2003-000340
db:CNNVDid:CNNVD-200312-053
db:NVDid:CVE-2003-0824

LAST UPDATE DATE
2024-08-14T14:29:29.635000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#179012date:2003-11-14T00:00:00
db:CERT/CCid:VU#279156date:2003-11-14T00:00:00
db:BIDid:9008date:2009-07-12T00:56:00
db:JVNDBid:JVNDB-2003-000340date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200312-053date:2019-05-05T00:00:00
db:NVDid:CVE-2003-0824date:2019-04-30T14:27:12.397

SOURCES RELEASE DATE
db:CERT/CCid:VU#179012date:2003-11-14T00:00:00
db:CERT/CCid:VU#279156date:2003-11-12T00:00:00
db:BIDid:9008date:2003-11-11T00:00:00
db:JVNDBid:JVNDB-2003-000340date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200312-053date:2003-11-05T00:00:00
db:NVDid:CVE-2003-0824date:2003-12-15T05:00:00