CVE-2003-0469 - OpenCVE

Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 2000 Windows 2003 Server Windows 98 Windows 98se Windows Me Windows Nt Windows Xp

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2000::::::::
	cpe:2.3:o:microsoft:windows_2003_server:64-bit:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*
	cpe:2.3:o:microsoft:windows_98::gold::::::*
	cpe:2.3:o:microsoft:windows_98se::::::::
	cpe:2.3:o:microsoft:windows_me::::::::
	cpe:2.3:o:microsoft:windows_nt:4.0::server:::::
	cpe:2.3:o:microsoft:windows_nt:4.0::terminal_server:::::
	cpe:2.3:o:microsoft:windows_xp:::64-bit:::::*
	cpe:2.3:o:microsoft:windows_xp::gold::::::*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006155.html
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006067.html
http://marc.info/?l=bugtraq&m=105639925122961&w=2
http://www.cert.org/advisories/CA-2003-14.html
http://www.kb.cert.org/vuls/id/823260
http://www.securityfocus.com/bid/8016
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-023

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-06-28T04:00:00

Updated: 2024-08-08T01:58:10.165Z

Reserved: 2003-06-26T00:00:00

Link: CVE-2003-0469

Vulnrichment

No data.

NVD

Status : Modified

Published: 2003-08-07T04:00:00.000

Modified: 2018-10-12T21:32:45.570

Link: CVE-2003-0469

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-06-23T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long \"align\" argument in an HR tag."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030622 Internet Explorer >=5.0 : Buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=105639925122961&w=2"}, {"name": "CA-2003-14", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2003-14.html"}, {"name": "20030625 Re: Internet Explorer >=5.0 : Buffer overflow", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006067.html"}, {"name": "8016", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/8016"}, {"name": "VU#823260", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/823260"}, {"name": "MS03-023", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-023"}, {"name": "20030701 PoC for Internet Explorer >=5.0 buffer overflow (trivial exploit for hard case).", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006155.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0469", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long \"align\" argument in an HR tag."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030622 Internet Explorer >=5.0 : Buffer overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=105639925122961&w=2"}, {"name": "CA-2003-14", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2003-14.html"}, {"name": "20030625 Re: Internet Explorer >=5.0 : Buffer overflow", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006067.html"}, {"name": "8016", "refsource": "BID", "url": "http://www.securityfocus.com/bid/8016"}, {"name": "VU#823260", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/823260"}, {"name": "MS03-023", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-023"}, {"name": "20030701 PoC for Internet Explorer >=5.0 buffer overflow (trivial exploit for hard case).", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006155.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:58:10.165Z"}, "title": "CVE Program Container", "references": [{"name": "20030622 Internet Explorer >=5.0 : Buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105639925122961&w=2"}, {"name": "CA-2003-14", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2003-14.html"}, {"name": "20030625 Re: Internet Explorer >=5.0 : Buffer overflow", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006067.html"}, {"name": "8016", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/8016"}, {"name": "VU#823260", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/823260"}, {"name": "MS03-023", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-023"}, {"name": "20030701 PoC for Internet Explorer >=5.0 buffer overflow (trivial exploit for hard case).", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006155.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0469", "datePublished": "2003-06-28T04:00:00", "dateReserved": "2003-06-26T00:00:00", "dateUpdated": "2024-08-08T01:58:10.165Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*", "matchCriteriaId": "D2CA1674-A8A0-479A-9D80-344D3C563A24", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*", "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*", "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*", "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long \"align\" argument in an HR tag."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el Convertidor HTML (HTML32.cnv) de varios sistemas operativos Windows, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario mediante una operaci\u00f3n de cortar-y-pegar, como se ha demostrado en Internet Explorer 5.0 usando un arguemento \"align\" larga en una etiqueta HR."}], "id": "CVE-2003-0469", "lastModified": "2018-10-12T21:32:45.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-08-07T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006155.html"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006067.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=105639925122961&w=2"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2003-14.html"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/823260"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/8016"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-023"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}