CVE Vulnerabilities

CVE-2003-0660

Published: Nov 17, 2003 | Modified: Apr 30, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.

Affected Software

Name Vendor Start Version End Version
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_2003_server Microsoft web web
Windows_2003_server Microsoft enterprise enterprise
Windows_xp Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_2003_server Microsoft enterprise_64-bit enterprise_64-bit
Windows_xp Microsoft * *
Windows_2000 Microsoft * *
Windows_2000 Microsoft * *
Windows_2000 Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_2003_server Microsoft r2 r2
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_2003_server Microsoft standard standard
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_2000 Microsoft * *
Windows_2000 Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_xp Microsoft * *
Windows_2003_server Microsoft r2 r2
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0
Windows_nt Microsoft 4.0 4.0

References