CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0214

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile37.61th
PublishedNov 3, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.

Affected Platforms (CPE)

πŸ“¦
Microsoft

Internet Explorer

= 6.0.2900
πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 98

All versions
πŸ’»
Microsoft

Windows Me

All versions
πŸ’»
Microsoft

Windows Xp

All versions

References & Advisories

πŸ”— http://seclists.org/lists/bugtraq/2004/Apr/0322.html
πŸ”— http://seclists.org/lists/fulldisclosure/2004/Apr/0933.html
πŸ”— http://secunia.com/advisories/11482/
πŸ”— http://securitytracker.com/id?1011647
πŸ”— http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B322857
πŸ”— http://www.kb.cert.org/vuls/id/616200
πŸ”— http://www.osvdb.org/5687
πŸ”— http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html

Related Vulnerabilities

CVE-1999-046510.0

Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.

CVE-1999-034710.0

Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javasc...

CVE-1999-096710.0

Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource p...

CVE-1999-124110.0

Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web...