10

CVE-2004-0574

EPSS 86.07%
Published 03.11.2004 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.

Affected products Warnungen 0 Metrics 2 CWE 1 References 15

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version2000 Update-

Microsoft ≫ Exchange Server Version2003 Update-

Microsoft ≫ Windows 2000 Version- Update-

Microsoft ≫ Windows Nt Version4.0 SwEditionserver

Microsoft ≫ Windows Server 2003 Versionr2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	86.07%	0.994

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021

Third Party Advisory

http://marc.info/?l=bugtraq&m=109761632831563&w=2

Third Party Advisory

Mailing List

http://www.ciac.org/ciac/bulletins/p-012.shtml

Broken Link

http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10

Third Party Advisory

http://www.kb.cert.org/vuls/id/203126

Patch

Third Party Advisory

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/17641

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/17661

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A246

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4392

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5070

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5926

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2004-0574

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0574

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0574

EUVD