← CVECheck
HomeVulnerabilities

CVE-2003-0525 — MEDIUM severity vulnerability (The getCanonicalPath function in Windows NT 4.0 may free mem)

The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCano

CVE IDCVE-2003-0525
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:N/A:P
CWENVD-CWE-Other
StatusModified
Published2003-08-27
Last modified2026-04-16
DescriptionThe getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →