Lucene search
HistoryFeb 09, 2005 - 5:00 a.m.
CVE-2004-0978
cve
buffer overflow
hrtbeat.ocx
activex
internet explorer
remote code execution
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.2 High
AI Score
Confidence
High
0.071 Low
EPSS
Percentile
94.0%
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.
Affected configurations
Node
microsoftinternet_explorerMatch5.01sp3
ORmicrosoftinternet_explorerMatch5.01sp4
microsoftwindows_2000Match-sp3
ORmicrosoftwindows_2000Match-sp4
Node
microsoftinternet_explorerMatch5.5sp2
microsoftwindows_meMatch-
Node
microsoftinternet_explorerMatch6-
microsoftwindows_server_2003Match-
ORmicrosoftwindows_server_2003Match-x64
ORmicrosoftwindows_xpMatch-
ORmicrosoftwindows_xpMatch--x64
ORmicrosoftwindows_xpMatch-sp1
ORmicrosoftwindows_xpMatch-sp2
Node
microsoftinternet_explorerMatch6sp1
microsoftwindows_2000Match-sp3
ORmicrosoftwindows_2000Match-sp4
ORmicrosoftwindows_98seMatch-
ORmicrosoftwindows_meMatch-
ORmicrosoftwindows_ntMatch4.0sp6terminal_server
ORmicrosoftwindows_ntMatch4.0sp6a
ORmicrosoftwindows_xpMatch-
ORmicrosoftwindows_xpMatch-sp1
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:internet_explorer | microsoft internet explorer | eq | 5.01 |
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.2 High
AI Score
Confidence
High
0.071 Low
EPSS
Percentile
94.0%
Related for CVE-2004-0978