Summary
A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could cause the Messenger Service to fail.
Disabling the Messenger Service will prevent the possibility of attack.
This plugin determined by reading the remote registry that the patch MS03-043 has not been applied.
Solution
see http://www.microsoft.com/technet/security/bulletin/ms03-043.mspx
Severity
Classification
-
CVE CVE-2003-0717 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)
- Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)
- Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
- Buffer Overrun in the ListBox and in the ComboBox (824141)
- Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)