CVE-2003-0111

EXPLOITED

Microsoft Virtual Machine - Remote Code Execution via Malicious Java Applet

Title source: llm

Exploitation Summary

CVE-2003-0111 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Last Stage of Delirium.

AI-analyzed exploit summary: The exploit targets a vulnerability in the Microsoft Java Virtual Machine (JVM) that allows malicious Java applets to escape the security sandbox. It leverages bytecode-level manipulation to perform illegal operations, potentially leading to code execution with the victim's privileges.

Description

The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."

Exploits (1)

exploitdb WORKING POC VERIFIED
by Last Stage of Delirium · text · remote · windows
https://www.exploit-db.com/exploits/22027

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Microsoft Java Virtual Machine (versions prior to the fix for CVE-2003-0111)
No auth needed
Prerequisites: Victim must run a vulnerable version of Microsoft JVM · Victim must visit a webpage hosting the malicious applet
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Patch, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/11751.php
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/447569
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A136

Scores

EPSS 0.3932
EPSS Percentile 97.4%

Details

VulnCheck KEV 2010-05-01
Status published
Products (5)
microsoft/virtual_machine 3802
microsoft/virtual_machine 3805
microsoft/virtual_machine 3809
microsoft/windows_2000 (4 CPE variants)
microsoft/windows_2000_terminal_services (4 CPE variants)
Published May 05, 2003
Tracked Since Feb 18, 2026