Unrated severityNVD Advisory· Published May 5, 2003· Updated Apr 16, 2026

CVE-2003-0111

Description

The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."

Affected products

Microsoft/Virtual Machine3 versions
cpe:2.3:a:microsoft:virtual_machine:3802:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:virtual_machine:3802:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3805:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3809:*:*:*:*:*:*:*
Microsoft/Windows 20004 versions
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
Microsoft/Windows 2000 Terminal Services4 versions
cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp3:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.iss.net/security_center/static/11751.phpnvdPatchVendor Advisory
www.kb.cert.org/vuls/id/447569nvdPatchThird Party AdvisoryUS Government Resource
docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-011nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A136nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.031
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000