CVE-2003-0717

CVE Database · CVE-2003-0717

CVE-2003-0717

· N/AModified

CVSS v3.1

N/A

EPSS

58.89%

Published

Nov 17, 2003

Modified

Apr 15, 2026

Public PoC / Exploit (5)

All weaponized →

Exploit-DBMicrosoft Windows Messenger Service - Denial of Service (MS03-043)Exploit-DBMicrosoft Messenger (Linux) - Denial of Service (MS03-043)Exploit-DBMicrosoft Windows Messenger Service (French) - Remote (MS03-043)Exploit-DBMicrosoft Windows XP/2000 - Messenger Service Buffer Overrun (MS03-043)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

Affected Products (48)

microsoft · windows_2000vulnerable

microsoft · windows_2003_servervulnerable

References (16)

http://marc.info/?l=bugtraq&m=106666713812158&w=2

http://marc.info/?l=ntbugtraq&m=106632188709562&w=2

http://www.cert.org/advisories/CA-2003-27.html

US Government Resource

http://www.kb.cert.org/vuls/id/575892

PatchThird Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/8826

ExploitPatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-043

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A213

KEV Catalog EPSS Scores Vendors All CVEs

microsoft · windows_2003_servervulnerable

microsoft · windows_mevulnerable

microsoft · windows_ntvulnerable

microsoft · windows_xpvulnerable

http://www.kb.cert.org/vuls/id/575892

PatchThird Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/8826

ExploitPatchVendor Advisory