7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
High
0.958 High
EPSS
Percentile
99.5%
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:netmeeting | microsoft netmeeting | eq | * |
www.kb.cert.org/vuls/id/586540
www.securityfocus.com/archive/1/361836
www.us-cert.gov/cas/techalerts/TA04-104A.html
xforce.iss.net/xforce/alerts/id/168
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1093
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A889
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A903
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A951