| Vulnerability Name: | CVE-2004-0214 (CCN-15956) | ||||||||||||||||||||||||
| Assigned: | 2004-04-25 | ||||||||||||||||||||||||
| Published: | 2004-04-25 | ||||||||||||||||||||||||
| Updated: | 2021-07-23 | ||||||||||||||||||||||||
| Summary: | Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Sun Apr 25 2004 - 17:01:53 CDT Microsoft's Explorer and Internet Explorer long share name buffer overflow. Source: CCN Type: Full-Disclosure Mailing List, Sun Apr 25 2004 - 16:38:24 CDT Microsoft's Explorer and Internet Explorer long share name buffer overflow. Source: MITRE Type: CNA CVE-2004-0214 Source: BUGTRAQ Type: Vendor Advisory 20040425 Microsoft's Explorer and Internet Explorer long share name buffer overflow. Source: FULLDISC Type: Vendor Advisory 20040425 Microsoft's Explorer and Internet Explorer long share name buffer overflow. Source: CCN Type: SA11482 Windows Explorer / Internet Explorer Long Share Name Buffer Overflow Source: SECUNIA Type: UNKNOWN 11482 Source: CCN Type: SECTRACK ID: 1011647 Microsoft Windows Shell Buffer Overflows Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1011647 Source: MSKB Type: UNKNOWN 322857 Source: CCN Type: CIAC Information Bulletin P-007 Microsoft Windows Shell and Program Group Converter Vulnerabilities Source: CCN Type: US-CERT VU#616200 Microsoft Windows Shell contains a buffer overflow Source: CERT-VN Type: US Government Resource VU#616200 Source: CCN Type: Microsoft Security Bulletin MS04-037 Vulnerability in Windows Shell Could Allow Remote Code Execution (841356) Source: OSVDB Type: UNKNOWN 5687 Source: CCN Type: OSVDB ID: 5687 Microsoft Windows IE and Explorer Share Name Overflow Source: MISC Type: UNKNOWN http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html Source: BID Type: UNKNOWN 10213 Source: CCN Type: BID-10213 Microsoft Windows Shell Long Share Name Buffer Overrun Vulnerability Source: MS Type: UNKNOWN MS04-037 Source: XF Type: UNKNOWN win-long-fileshare-bo(15956) Source: XF Type: UNKNOWN win-long-fileshare-bo(15956) Source: XF Type: UNKNOWN win-ms04037-patch(17662) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1601 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1749 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:2638 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:4345 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:5307 Source: CCN Type: Microsoft Knowledge Base Article - 322857 Windows Explorer Quits and Generates an Error Message When You Try to Map a Network Drive | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||