Lucene search

[email protected]CVE-2004-0201

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0201

2004-08-0604:00:00

[email protected]

web.nvd.nist.gov

cve

buffer overflow

htmlhelp

remote code execution

security vulnerability

microsoft windows 98

windows me

windows nt

windows 2000

windows xp

server 2003

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.477 Medium

EPSS

Percentile

97.5%

JSON

Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.

Affected configurations

NVD

Node

avayaip600_media_servers

avayadefinity_one_media_server

avayas8100

Node

avayamodular_messaging_message_storage_serverMatchs3400

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_2000sp3

microsoftwindows_2000sp4

microsoftwindows_2003_serverMatchenterprise64-bit

microsoftwindows_2003_serverMatchenterprise_64-bit

microsoftwindows_2003_serverMatchr264-bit

microsoftwindows_2003_serverMatchr2datacenter_64-bit

microsoftwindows_2003_serverMatchstandard64-bit

microsoftwindows_2003_serverMatchweb

microsoftwindows_98gold

microsoftwindows_98se

microsoftwindows_me

microsoftwindows_ntMatch4.0enterprise_server

microsoftwindows_ntMatch4.0server

microsoftwindows_ntMatch4.0terminal_server

microsoftwindows_ntMatch4.0workstation

microsoftwindows_ntMatch4.0sp1enterprise_server

microsoftwindows_ntMatch4.0sp1server

microsoftwindows_ntMatch4.0sp1terminal_server

microsoftwindows_ntMatch4.0sp1workstation

microsoftwindows_ntMatch4.0sp2enterprise_server

microsoftwindows_ntMatch4.0sp2server

microsoftwindows_ntMatch4.0sp2terminal_server

microsoftwindows_ntMatch4.0sp2workstation

microsoftwindows_ntMatch4.0sp3enterprise_server

microsoftwindows_ntMatch4.0sp3server

microsoftwindows_ntMatch4.0sp3terminal_server

microsoftwindows_ntMatch4.0sp3workstation

microsoftwindows_ntMatch4.0sp4enterprise_server

microsoftwindows_ntMatch4.0sp4server

microsoftwindows_ntMatch4.0sp4terminal_server

microsoftwindows_ntMatch4.0sp4workstation

microsoftwindows_ntMatch4.0sp5enterprise_server

microsoftwindows_ntMatch4.0sp5server

microsoftwindows_ntMatch4.0sp5terminal_server

microsoftwindows_ntMatch4.0sp5workstation

microsoftwindows_ntMatch4.0sp6enterprise_server

microsoftwindows_ntMatch4.0sp6server

microsoftwindows_ntMatch4.0sp6terminal_server

microsoftwindows_ntMatch4.0sp6workstation

microsoftwindows_ntMatch4.0sp6aenterprise_server

microsoftwindows_ntMatch4.0sp6aserver

microsoftwindows_ntMatch4.0sp6aworkstation

microsoftwindows_xp64-bit

microsoftwindows_xphome

microsoftwindows_xpgoldprofessional

microsoftwindows_xpsp164-bit

microsoftwindows_xpsp1home

CPENameOperatorVersion
avaya:ip600_media_serversavaya ip600 media serverseq*
avaya:definity_one_media_serveravaya definity one media servereq*
avaya:s8100avaya s8100eq*