CVE-2003-0003

Microsoft Windows 2000 Terminal Services - Buffer Overflow

Title source: rule

Description

Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Marcin Wolak · cremotewindows

https://www.exploit-db.com/exploits/5

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by David Litchfield · textremotewindows

https://www.exploit-db.com/exploits/22194

View Code ZIP pw:eip

References (8)

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-001

[Third Party Advisory] http://marc.info/?l=bugtraq&m=104394414713415&w=2

[Third Party Advisory] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A103

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/11132

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/6666

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/610986

[Patch, Third Party Advisory, US Government Resource] http://www.cert.org/advisories/CA-2003-03.html

[Third Party Advisory] http://marc.info/?l=ntbugtraq&m=104393588232166&w=2

Scores

EPSS 0.2341

EPSS Percentile 96.0%

Details

Status published

Products (4)

microsoft/windows_2000 (4 CPE variants)

microsoft/windows_2000_terminal_services (4 CPE variants)

microsoft/windows_nt 4.0 (32 CPE variants)

microsoft/windows_xp (5 CPE variants)

Published Feb 07, 2003

Tracked Since Feb 18, 2026