10

CVE-2004-0444

EPSS 58%
Veröffentlicht 07.07.2004 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 24

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Symantec ≫ Client Firewall Version5.01

Symantec ≫ Client Firewall Version5.1.1

Symantec ≫ Client Security Version1.0

Symantec ≫ Client Security Version1.1

Symantec ≫ Client Security Version1.2

Symantec ≫ Client Security Version1.3

Symantec ≫ Client Security Version1.4

Symantec ≫ Client Security Version1.5

Symantec ≫ Client Security Version1.6

Symantec ≫ Client Security Version1.7

Symantec ≫ Client Security Version1.8

Symantec ≫ Client Security Version1.9

Symantec ≫ Client Security Version2.0

Symantec ≫ Norton Antispam Version2004

Symantec ≫ Norton Internet Security Version2002

Symantec ≫ Norton Internet Security Version2002 Editionpro

Symantec ≫ Norton Internet Security Version2003

Symantec ≫ Norton Internet Security Version2003 Editionpro

Symantec ≫ Norton Internet Security Version2004

Symantec ≫ Norton Internet Security Version2004 Editionpro

Symantec ≫ Norton Personal Firewall Version2002

Symantec ≫ Norton Personal Firewall Version2003

Symantec ≫ Norton Personal Firewall Version2004

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	58%	0.979

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html

http://secunia.com/advisories/11066

http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html

http://securitytracker.com/id?1010144

http://securitytracker.com/id?1010145

http://securitytracker.com/id?1010146

http://www.ciac.org/ciac/bulletins/o-141.shtml

http://www.kb.cert.org/vuls/id/294998

Patch

Third Party Advisory

US Government Resource

http://www.kb.cert.org/vuls/id/634414

Patch

Third Party Advisory

US Government Resource

http://www.kb.cert.org/vuls/id/637318

US Government Resource

http://www.osvdb.org/6099

http://www.osvdb.org/6101

http://www.osvdb.org/6102

http://www.securityfocus.com/bid/10333

http://www.securityfocus.com/bid/10334

http://www.securityfocus.com/bid/10335

https://exchange.xforce.ibmcloud.com/vulnerabilities/16134

https://exchange.xforce.ibmcloud.com/vulnerabilities/16135

https://exchange.xforce.ibmcloud.com/vulnerabilities/16137

https://nvd.nist.gov/vuln/detail/CVE-2004-0444

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0444

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0444

EUVD