Unrated severityNVD Advisory· Published Mar 31, 2003· Updated Apr 16, 2026

CVE-2003-0109

Description

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

Affected products

Microsoft/Windows 20004 versions
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
Microsoft/Windows 2000 Terminal Services4 versions
cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cert.org/advisories/CA-2003-09.htmlnvdPatchThird Party AdvisoryUS Government Resource
www.iss.net/issEn/delivery/xforce/alertdetail.jspnvdPatchVendor Advisory
www.iss.net/security_center/static/11533.phpnvdPatchVendor Advisory
www.securityfocus.com/bid/7116nvdExploitPatchVendor Advisory
www.kb.cert.org/vuls/id/117394nvdUS Government Resource
marc.infonvd
marc.infonvd
marc.infonvd
marc.infonvd
marc.infonvd
marc.infonvd
microsoft.com/downloads/details.aspxnvd
support.microsoft.com/default.aspxnvd
www.nextgenss.com/papers/ms03-007-ntdll.pdfnvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.071
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000