CVE-2004-0201

Опубликовано: 06 авг. 2004

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*

cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*

cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*

cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*

EPSS

Процентиль: 98%

0.45244

Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rfqx-p859-5rqq

github

почти 4 года назад