Lucene search
HistoryJan 19, 2005 - 5:00 a.m.
CVE-2004-1306
cve-2004-1306
windows
buffer overflow
remote code execution
nvd
security vulnerability
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
High
0.292 Low
EPSS
Percentile
96.9%
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.
Affected configurations
Node
microsoftwindows_2000
ORmicrosoftwindows_2000sp1
ORmicrosoftwindows_2000sp2
ORmicrosoftwindows_2000sp3
ORmicrosoftwindows_2000sp4
ORmicrosoftwindows_2003_serverMatchdatacenter_64-bitsp1_beta_1
ORmicrosoftwindows_2003_serverMatchenterprise64-bit
ORmicrosoftwindows_2003_serverMatchenterprisesp1_beta_1
ORmicrosoftwindows_2003_serverMatchenterprise_64-bit
ORmicrosoftwindows_2003_serverMatchenterprise_64-bitsp1_beta_1
ORmicrosoftwindows_2003_serverMatchr264-bit
ORmicrosoftwindows_2003_serverMatchr2datacenter_64-bit
ORmicrosoftwindows_2003_serverMatchr2sp1_beta_1
ORmicrosoftwindows_2003_serverMatchstandard64-bit
ORmicrosoftwindows_2003_serverMatchstandardsp1_beta_1
ORmicrosoftwindows_2003_serverMatchweb
ORmicrosoftwindows_2003_serverMatchwebsp1_beta_1
ORmicrosoftwindows_ntMatch4.0enterprise_server
ORmicrosoftwindows_ntMatch4.0server
ORmicrosoftwindows_ntMatch4.0terminal_server
ORmicrosoftwindows_ntMatch4.0workstation
ORmicrosoftwindows_ntMatch4.0sp1enterprise_server
ORmicrosoftwindows_ntMatch4.0sp1server
ORmicrosoftwindows_ntMatch4.0sp1terminal_server
ORmicrosoftwindows_ntMatch4.0sp1workstation
ORmicrosoftwindows_ntMatch4.0sp2enterprise_server
ORmicrosoftwindows_ntMatch4.0sp2server
ORmicrosoftwindows_ntMatch4.0sp2terminal_server
ORmicrosoftwindows_ntMatch4.0sp2workstation
ORmicrosoftwindows_ntMatch4.0sp3enterprise_server
ORmicrosoftwindows_ntMatch4.0sp3server
ORmicrosoftwindows_ntMatch4.0sp3terminal_server
ORmicrosoftwindows_ntMatch4.0sp3workstation
ORmicrosoftwindows_ntMatch4.0sp4enterprise_server
ORmicrosoftwindows_ntMatch4.0sp4server
ORmicrosoftwindows_ntMatch4.0sp4terminal_server
ORmicrosoftwindows_ntMatch4.0sp4workstation
ORmicrosoftwindows_ntMatch4.0sp5enterprise_server
ORmicrosoftwindows_ntMatch4.0sp5server
ORmicrosoftwindows_ntMatch4.0sp5terminal_server
ORmicrosoftwindows_ntMatch4.0sp5workstation
ORmicrosoftwindows_ntMatch4.0sp6enterprise_server
ORmicrosoftwindows_ntMatch4.0sp6server
ORmicrosoftwindows_ntMatch4.0sp6terminal_server
ORmicrosoftwindows_ntMatch4.0sp6workstation
ORmicrosoftwindows_ntMatch4.0sp6aenterprise_server
ORmicrosoftwindows_ntMatch4.0sp6aserver
ORmicrosoftwindows_ntMatch4.0sp6aterminal_server
ORmicrosoftwindows_ntMatch4.0sp6aworkstation
ORmicrosoftwindows_xp64-bit
ORmicrosoftwindows_xphome
ORmicrosoftwindows_xpmedia_center
ORmicrosoftwindows_xpgoldprofessional
ORmicrosoftwindows_xpsp164-bit
ORmicrosoftwindows_xpsp1home
ORmicrosoftwindows_xpsp1media_center
ORmicrosoftwindows_xpsp2home
ORmicrosoftwindows_xpsp2media_center
Related
cert
cert
Microsoft Windows help viewer vulnerable to heap overflow
2005-06-14 00:00:00
nvd
nvd
CVE-2004-1306
2004-12-31 05:00:00
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2004-1306
2005-01-19 05:00:00
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
High
0.292 Low
EPSS
Percentile
96.9%
Related for CVE-2004-1306