Lucene search

[email protected]CVE-2004-0892

HistoryJan 27, 2005 - 5:00 a.m.

CVE-2004-0892

2005-01-2705:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0892

microsoft proxy server

microsoft isa server

remote code execution

spoofing

nvd

6.6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.734 High

EPSS

Percentile

98.1%

JSON

Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results.

CPENameOperatorVersion
microsoft:isa_servermicrosoft isa servereq2000
microsoft:proxy_servermicrosoft proxy servereq2.0
microsoft:windows_2003_servermicrosoft windows 2003 servereq2003
microsoft:windows_2003_servermicrosoft windows 2003 servereq2000

CPE	Name	Operator	Version
microsoft:isa_server	microsoft isa server	eq	2000
microsoft:proxy_server	microsoft proxy server	eq	2.0
microsoft:windows_2003_server	microsoft windows 2003 server	eq	2003
microsoft:windows_2003_server	microsoft windows 2003 server	eq	2000

References

www.securityfocus.com/bid/11605

docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039

exchange.xforce.ibmcloud.com/vulnerabilities/17906

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859

6.6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.734 High

EPSS

Percentile

98.1%

JSON

Related for CVE-2004-0892

openvas2 nessus1 securityvulns1