CVE-2004-0116 — Microsoft Windows 2003 Server vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

54.2%

top 1.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedJun 1

Latest updateApr 29

Description

An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_serverr2

Patches

Patch: www.eeye.com ↗Patch: www.kb.cert.org ↗Patch: www.eeye.com ↗

🔴Vulnerability Details

GHSA

GHSA-2mhq-qg26-p24h: An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a↗2022-04-29

▶

CVEList

CVE-2004-0116: An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a↗2004-04-16

▶

VulnCheck

Microsoft Windows Uncontrolled Resource Consumption↗2004

▶