Vulnerability Name: CVE-2003-0719 (CCN-12380)

Assigned: 2003-09-02
Published: 2004-04-13
Updated: 2018-10-12
Summary: Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
7.1 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:U/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
7.1 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:U/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2003-0719

Source: CCN
Type: CIAC Information Bulletin O-114
Microsoft Security Update for Microsoft Windows

Source: CCN
Type: US-CERT VU#586540
Microsoft Private Communication Technology (PCT) fails to properly validate message inputs

Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#586540

Source: CCN
Type: Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows (835732)

Source: CCN
Type: SecuriTeam Mailing List, Windows focus 22 Apr 2004
Microsoft SSL Library Remote Compromise Vulnerability (MS04-011, Exploit)

Source: BUGTRAQ
Type: Patch, Vendor Advisory
20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719)

Source: CCN
Type: BID-10116
Microsoft Windows Private Communications Transport Protocol Buffer Overrun Vulnerability

Source: CERT
Type: Third Party Advisory, US Government Resource
TA04-104A

Source: CCN
Type: Internet Security Systems Security Advisory, April 13, 2004
Microsoft SSL Library Remote Compromise Vulnerability

Source: ISS
Type: Patch, Vendor Advisory
20040413 Microsoft SSL Library Remote Compromise Vulnerability

Source: CCN
Type: Internet Security Systems Security Alert, April 13, 2004
Multiple Vulnerabilities in Microsoft Products

Source: MS
Type: UNKNOWN
MS04-011

Source: XF
Type: UNKNOWN
ssl-pct1-bo(12380)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1093

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:889

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:903

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:951

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:microsoft:netmeeting:*:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98:*:gold:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:microsoft:exchange_server:5.5:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:exchange_server:2000:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_information_server:6.0:beta:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:*:x64:*:*:*:*:*
  • OR cpe:/a:microsoft:exchange_server:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_information_services:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_information_server:5.0:*:*:*:far_east:*:*:*
  • OR cpe:/a:microsoft:internet_information_services:5.1:*:*:*:*:*:*:*
  AND
  • cpe:/a:microsoft:netmeeting:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows:2003_server:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:r2:enterprise:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:889 | V | Windows XP SSL PCT Handshake Vulnerability | 2011-05-16
oval:org.mitre.oval:def:903 | V | Windows NT SSL PCT Handshake Vulnerability | 2008-03-24
oval:org.mitre.oval:def:951 | V | Windows 2000 SSL PCT Handshake Vulnerability | 2007-05-23
oval:org.mitre.oval:def:1093 | V | Windows Server 2003 SSL PCT Handshake Vulnerability | 2007-05-23
    microsoft netmeeting *
    microsoft windows 2000 * sp2
    microsoft windows 2000 * sp4
    microsoft windows 2003 server r2
    microsoft windows 98 * gold
    microsoft windows me *
    microsoft windows nt 4.0 sp6a
    microsoft windows xp * sp1
    microsoft exchange server 5.5
    microsoft exchange server 2000
    microsoft iis 6.0 beta
    microsoft windows 2003_server
    microsoft exchange server 2003
    microsoft internet information server 4.0
    microsoft internet information server 5.0
    microsoft internet information server 5.1
    microsoft netmeeting *
    microsoft windows 2000 * sp2
    microsoft windows 2000 * sp3
    microsoft windows xp * sp1
    microsoft windows 2000 * sp4
    microsoft windows xp *
    microsoft windows 2003_server
    microsoft windows 2003 server * r2