CVE-2004-0205
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
Desbordamiento de búfer en Microsoft Internet Information Server (IIS) 4.0 permite a usuarios locales ejecutar código de su elección mediante la función de redirección.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-03-11 CVE Reserved
- 2004-07-14 CVE Published
- 2024-01-20 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/12061 | Third Party Advisory | |
| http://www.ciac.org/ciac/bulletins/o-179.shtml | Government Resource | |
| http://www.osvdb.org/7799 | Vdb Entry | |
| http://www.securityfocus.com/bid/10706 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16578 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2204 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.kb.cert.org/vuls/id/717748 | 2018-10-12 | |
| http://www.us-cert.gov/cas/techalerts/TA04-196A.html | 2018-10-12 |
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-021 | 2018-10-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Avaya Search vendor "Avaya" | Ip600 Media Servers Search vendor "Avaya" for product "Ip600 Media Servers" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Information Server Search vendor "Microsoft" for product "Internet Information Server" | 4.0 Search vendor "Microsoft" for product "Internet Information Server" and version "4.0" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Definity One Media Server Search vendor "Avaya" for product "Definity One Media Server" | * | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | S8100 Search vendor "Avaya" for product "S8100" | * | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Modular Messaging Message Storage Server Search vendor "Avaya" for product "Modular Messaging Message Storage Server" | s3400 Search vendor "Avaya" for product "Modular Messaging Message Storage Server" and version "s3400" | - |
Affected
| ||||||