Lucene search

MitreCVE-2004-0963

HistoryFeb 09, 2005 - 5:00 a.m.

CVE-2004-0963

2005-02-0905:00:00

mitre

web.nvd.nist.gov

microsoft word

buffer overflow

cve-2004-0963

remote attack

denial of service

arbitrary code execution

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.278

Percentile

96.8%

JSON

Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.

Affected configurations

Nvd

Node

microsoftwordMatch2002sp3

VendorProductVersionCPE
microsoftword2002cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	word	2002	cpe:2.3:a:microsoft:word:2002:sp3::::::

References

marc.info/?l=bugtraq&m=109716247230733&w=2

docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-023

exchange.xforce.ibmcloud.com/vulnerabilities/17635

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1795

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2105

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2216

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A420

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.278

Percentile

96.8%

JSON

Related for CVE-2004-0963