Vulnerability Details : CVE-2004-0212

Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.

Vulnerability category: OverflowExecute code

Published 2004-08-06 04:00:00

Updated 2019-04-30 14:27:14

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2004-0212

Probability of exploitation activity in the next 30 days: 86.09%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-0212

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2004-0212

Products affected by CVE-2004-0212

Microsoft » Windows Nt » Version: 4.0 Update Sp6a Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update Sp6a Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update Sp6a Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Update SP1
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Update SP2
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Update SP4
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Update SP3
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
Matching versions
Microsoft » IE » Version: 6.0 Update SP1
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Update SP1 Home Edition
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Update Gold Professional Edition
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » 64-bit Edition
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Update SP1 64-bit Edition
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Home Edition
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
Matching versions
Avaya » Modular Messaging Message Storage Server » Version: S3400
cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*
Matching versions
Avaya » Ip600 Media Servers
cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
Matching versions
Avaya » Definity One Media Server
cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
Matching versions
Avaya » S8100
cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*
Matching versions