CVE-2003-0533

high Microsoft
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
89.0%
Exploitation probability in 30 days
Top 0% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: June 1, 2004 (8017 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.

CWE

NVD-CWE-Other

Affected Products

microsoft netmeetingmicrosoft windows 2000microsoft windows 2003 servermicrosoft windows 98microsoft windows memicrosoft windows ntmicrosoft windows xp

References

🔗 lists.grok.org.uk 🔗 marc.info 🔗 www.ciac.org 🔗 www.eeye.com 🔗 www.kb.cert.org