Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0822Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Frontpage Server Extensions

5 documents4 sources
Severity
7.5HIGHNVD
EPSS
89.1%
top 0.47%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft Frontpage Server ExtensionsMicrosoft Sharepoint Team Services
Timeline
PublishedDec 15
Latest updateApr 29

Description

Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/frontpage2000, 2002+1

🔴Vulnerability Details

2
GHSA
GHSA-82pc-5hvw-f9gx: Buffer overflow in the debug functionality in fp30reg2022-04-29
CVEList
CVE-2003-0822: Buffer overflow in the debug functionality in fp30reg2003-11-18

💥Exploits & PoCs

2
Exploit-DB
Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (MS03-051) (Metasploit)2010-07-25
Exploit-DB
Microsoft FrontPage Server Extensions - 'fp30reg.dll' (MS03-051)2003-11-13
CVE-2003-0822 — Microsoft vulnerability | cvebase