CVE

Id
8629  
CVE No.
CVE-2004-0201  
Status
Candidate  
Description
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.  
Phase
Assigned (20040311)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
53996 8629 CVE-2004-0201 FULLDISC:20040714 HtmlHelp - .CHM File Heap Overflow  View
53997 8629 CVE-2004-0201 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023919.html  View
53998 8629 CVE-2004-0201 MS:MS04-023  View
53999 8629 CVE-2004-0201 URL:http://www.microsoft.com/technet/security/bulletin/MS04-023.mspx  View
54000 8629 CVE-2004-0201 CERT:TA04-196A  View
54001 8629 CVE-2004-0201 URL:http://www.us-cert.gov/cas/techalerts/TA04-196A.html  View
54002 8629 CVE-2004-0201 CERT-VN:VU#920060  View
54003 8629 CVE-2004-0201 URL:http://www.kb.cert.org/vuls/id/920060  View
54004 8629 CVE-2004-0201 XF:win-htmlhelp-execute-code(16586)  View
54005 8629 CVE-2004-0201 URL:http://xforce.iss.net/xforce/xfdb/16586  View
54006 8629 CVE-2004-0201 OVAL:oval:org.mitre.oval:def:1503  View
54007 8629 CVE-2004-0201 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1503  View
54008 8629 CVE-2004-0201 OVAL:oval:org.mitre.oval:def:1530  View
54009 8629 CVE-2004-0201 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1530  View
54010 8629 CVE-2004-0201 OVAL:oval:org.mitre.oval:def:2155  View
54011 8629 CVE-2004-0201 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2155  View
54012 8629 CVE-2004-0201 OVAL:oval:org.mitre.oval:def:3179  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
62876 JVNDB-2004-000218 Microsoft Windows の DirectPlay におけるサービス運用妨害 (DoS) の脆弱性 Microsoft Windows の DirectX に含まれている DirectPlay の IDirectPlay4 API には、パケット検証が適切に実行されないセキュリティ上の不備により、サービス運用妨害 (DoS) 状態が発生する脆弱性が存在します。 CVE-2004-0202 8629 5 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000218.html  View