CVE-2003-0719

Microsoft Windows and NetMeeting - Remote Code Execution via PCT Handshake Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2003-0719. PoCs published by Metasploit, Johnny Cyberpunk, hdm, including Metasploit module exploits/windows/ssl/ms04_011_pct.

AI-analyzed exploit summary This is a Metasploit module exploiting a buffer overflow in the Microsoft Windows SSL PCT protocol stack (CVE-2003-0719). It targets multiple Windows versions (2000, XP) and supports raw or SMTP protocols for exploitation.

Description

Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16334

This is a Metasploit module exploiting a buffer overflow in the Microsoft Windows SSL PCT protocol stack (CVE-2003-0719). It targets multiple Windows versions (2000, XP) and supports raw or SMTP protocols for exploitation.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows SSL PCT protocol stack (Windows 2000, XP)
No auth needed
Prerequisites: Network access to a vulnerable SSL service (e.g., SMTP with STARTTLS)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Johnny Cyberpunk · cremotewindows
https://www.exploit-db.com/exploits/275

This exploit targets a buffer overflow vulnerability in IIS 5.0 SSL to achieve remote code execution. It uses a connect-back shell to establish a reverse shell connection to the attacker's specified IP and port.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft IIS 5.0
No auth needed
Prerequisites: Network access to the target's SSL port (443) · Knowledge of the target's IP address
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by hdm · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ssl/ms04_011_pct.rb

This Metasploit module exploits a buffer overflow in the Microsoft Windows SSL PCT protocol stack (CVE-2003-0719) to achieve remote code execution. It supports multiple Windows versions and can be used against raw SSL services or SMTP with STARTTLS.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows SSL PCT protocol stack (Windows 2000, XP)
No auth needed
Prerequisites: Network access to a vulnerable SSL service or SMTP server with STARTTLS enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/361836
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/586540
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
Patch, Vendor Advisory third-party-advisory x_refsource_iss
http://xforce.iss.net/xforce/alerts/id/168
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951

Scores

EPSS 0.8120
EPSS Percentile 99.6%

Details

Status published
Products (7)
microsoft/netmeeting
microsoft/windows_2000 (2 CPE variants)
microsoft/windows_2003_server r2
microsoft/windows_98
microsoft/windows_me
microsoft/windows_nt 4.0 sp6a
microsoft/windows_xp
Published Jun 01, 2004
Tracked Since Feb 18, 2026