| Vulnerability Name: | CVE-2003-0111 (CCN-11751) | ||||||||
| Assigned: | 2003-04-09 | ||||||||
| Published: | 2003-04-09 | ||||||||
| Updated: | 2019-04-30 | ||||||||
| Summary: | The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise." | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2003-0111 Source: CCN Type: CIAC Information Bulletin N-074 Microsoft Virtual Machine (VM) Vulnerability Source: XF Type: Patch, Vendor Advisory msvm-bytecode-improper-validation(11751) Source: CCN Type: US-CERT VU#447569 Microsoft Windows Virtual Machine (VM) ByteCode Verifier fails to properly check Java applets for malicious code Source: CERT-VN Type: Patch, Third Party Advisory, US Government Resource VU#447569 Source: CCN Type: Microsoft Security Bulletin MS03-011 Flaw in Microsoft VM Could Enable System Compromise (816093) Source: CCN Type: OSVDB ID: 2969 Microsoft VM Bytecode Verifier Execute Arbitrary Code Source: MS Type: UNKNOWN MS03-011 Source: XF Type: UNKNOWN msvm-bytecode-improper-validation(11751) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:136 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||