Vulnerability Description
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 6.0.2900 |
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows 98 | All versions |
| Microsoft | Windows Me | All versions |
| Microsoft | Windows Xp | All versions |
References
- http://seclists.org/lists/bugtraq/2004/Apr/0322.htmlVendor Advisory
- http://seclists.org/lists/fulldisclosure/2004/Apr/0933.htmlVendor Advisory
- http://secunia.com/advisories/11482/
- http://securitytracker.com/id?1011647
- http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B322857
- http://www.kb.cert.org/vuls/id/616200US Government Resource
- http://www.osvdb.org/5687
- http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html
- http://www.securityfocus.com/bid/10213
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-03
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15956
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17662
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2004-0214?
CVE-2004-0214 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application cra...
How severe is CVE-2004-0214?
CVE-2004-0214 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0214?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer, Microsoft Windows 2000, Microsoft Windows 98, Microsoft Windows Me, Microsoft Windows Xp.