Lucene search

[email protected]CVE-2004-1649

HistoryFeb 20, 2005 - 5:00 a.m.

CVE-2004-1649

2005-02-2005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1649

buffer overflow

msinfo32.exe

microsoft

arbitrary code execution

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

23.0%

JSON

Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.

Affected configurations

NVD

Node

microsoftwindows_2000

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*

References

lists.grok.org.uk/pipermail/full-disclosure/2004-August/025902.html

marc.info/?l=bugtraq&m=109413415205017&w=2

marc.info/?l=full-disclosure&m=109391133831787&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/17153

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

23.0%

JSON

Related for CVE-2004-1649

nvd1 cvelist1