PT-2004-1377 · Microsoft · Windows 2000+3

Brett Moore

Publicado

2004-07-14

Atualizado

2019-04-30

CVE-2004-0212

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows 2000 Windows XP Internet Explorer 6 on Windows NT 4.0

Description A stack-based buffer overflow issue allows local or remote attackers to execute arbitrary code via a .job file containing long parameters. This can be exploited by accessing a .job file on an anonymous share using Internet Explorer.

Recommendations For Windows 2000, update to a version that includes the fix for this issue. For Windows XP, update to a version that includes the fix for this issue. For Internet Explorer 6 on Windows NT 4.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to .job files on anonymous shares to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-0212

Produtos afetados

Internet Explorer 6

Windows 2000

Windows Nt 4.0

Windows Xp

PT-2004-1377 · Microsoft · Windows 2000+3

CVE-2004-0212

Identificadores relacionados

Produtos afetados

Referências · 15