7.5

CVE-2004-0566

Exploit
Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version5.0
MicrosoftInternet Explorer Version5.0.1
MicrosoftInternet Explorer Version5.0.1 Updatesp1
MicrosoftInternet Explorer Version5.0.1 Updatesp2
MicrosoftInternet Explorer Version5.0.1 Updatesp3
MicrosoftInternet Explorer Version5.0.1 Updatesp4
MicrosoftInternet Explorer Version5.5
MicrosoftInternet Explorer Version5.5 Updatesp1
MicrosoftInternet Explorer Version5.5 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 38.48% 0.984
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.us-cert.gov/cas/techalerts/TA04-212A.html
Third Party Advisory
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-025
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0806.html
Vendor Advisory
Exploit
http://www.kb.cert.org/vuls/id/266926
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/15210
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A216
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A306
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A322
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A507
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A515