Описание
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.
Ссылки
- US Government Resource
- US Government Resource
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
Конфигурация 3
Одновременно
Одно из
cpe:2.3:o:microsoft:windows_2003_server:gold:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:gold:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:gold:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.75423
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.
EPSS
Процентиль: 99%
0.75423
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other