CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0212

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0300%
EPSS Percentile0.40th
PublishedAug 6, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.

Affected Platforms (CPE)

πŸ“¦
Avaya

Ip600 Media Servers

All versions
πŸ“¦
Microsoft

Ie

= 6.0
πŸ”Œ
Avaya

Definity One Media Server

All versions
πŸ”Œ
Avaya

S8100

All versions
πŸ’»
Avaya

Modular Messaging Message Storage Server

= s3400
πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows Nt

= 4.0
πŸ’»
Microsoft

Windows Nt

= 4.0
πŸ’»
Microsoft

Windows Nt

= 4.0
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=108981273009250&w=2
πŸ”— http://marc.info/?l=bugtraq&m=108981403025596&w=2
πŸ”— http://secunia.com/advisories/12060
πŸ”— http://www.kb.cert.org/vuls/id/228028
πŸ”— http://www.ngssoftware.com/advisories/mstaskjob.txt
πŸ”— http://www.us-cert.gov/cas/techalerts/TA04-196A.html
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-022
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/16591

Related Vulnerabilities

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...