Lucene search

K
cve[email protected]CVE-2004-1361
HistoryJan 19, 2005 - 5:00 a.m.

CVE-2004-1361

2005-01-1905:00:00
web.nvd.nist.gov
26
cve
2004
1361
integer underflow
winhlp32.exe
windows nt
windows 2000
windows xp
windows 2003
sp4
sp2
nvd
heap-based buffer overflow

7.9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.056 Low

EPSS

Percentile

93.3%

Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.

Affected configurations

NVD
Node
microsoftwindows_2000
OR
microsoftwindows_2000sp1
OR
microsoftwindows_2000sp2
OR
microsoftwindows_2000sp3
OR
microsoftwindows_2000sp4
OR
microsoftwindows_2003_serverMatchenterprise64-bit
OR
microsoftwindows_2003_serverMatchenterprisesp1_beta_1
OR
microsoftwindows_2003_serverMatchenterprise_64-bit
OR
microsoftwindows_2003_serverMatchr264-bit
OR
microsoftwindows_2003_serverMatchr2datacenter_64-bit
OR
microsoftwindows_2003_serverMatchr2sp1_beta_1
OR
microsoftwindows_2003_serverMatchstandard64-bit
OR
microsoftwindows_2003_serverMatchstandardsp1_beta_1
OR
microsoftwindows_2003_serverMatchweb
OR
microsoftwindows_2003_serverMatchwebsp1_beta_1
OR
microsoftwindows_ntMatch4.0enterprise_server
OR
microsoftwindows_ntMatch4.0server
OR
microsoftwindows_ntMatch4.0terminal_server
OR
microsoftwindows_ntMatch4.0workstation
OR
microsoftwindows_ntMatch4.0sp1enterprise_server
OR
microsoftwindows_ntMatch4.0sp1server
OR
microsoftwindows_ntMatch4.0sp1terminal_server
OR
microsoftwindows_ntMatch4.0sp1workstation
OR
microsoftwindows_ntMatch4.0sp2enterprise_server
OR
microsoftwindows_ntMatch4.0sp2server
OR
microsoftwindows_ntMatch4.0sp2terminal_server
OR
microsoftwindows_ntMatch4.0sp2workstation
OR
microsoftwindows_ntMatch4.0sp3enterprise_server
OR
microsoftwindows_ntMatch4.0sp3server
OR
microsoftwindows_ntMatch4.0sp3terminal_server
OR
microsoftwindows_ntMatch4.0sp3workstation
OR
microsoftwindows_ntMatch4.0sp4enterprise_server
OR
microsoftwindows_ntMatch4.0sp4server
OR
microsoftwindows_ntMatch4.0sp4terminal_server
OR
microsoftwindows_ntMatch4.0sp4workstation
OR
microsoftwindows_ntMatch4.0sp5enterprise_server
OR
microsoftwindows_ntMatch4.0sp5server
OR
microsoftwindows_ntMatch4.0sp5terminal_server
OR
microsoftwindows_ntMatch4.0sp5workstation
OR
microsoftwindows_ntMatch4.0sp6enterprise_server
OR
microsoftwindows_ntMatch4.0sp6server
OR
microsoftwindows_ntMatch4.0sp6terminal_server
OR
microsoftwindows_ntMatch4.0sp6workstation
OR
microsoftwindows_ntMatch4.0sp6aenterprise_server
OR
microsoftwindows_ntMatch4.0sp6aserver
OR
microsoftwindows_ntMatch4.0sp6aterminal_server
OR
microsoftwindows_ntMatch4.0sp6aworkstation
OR
microsoftwindows_xp64-bit
OR
microsoftwindows_xphome
OR
microsoftwindows_xpmedia_center
OR
microsoftwindows_xpgoldprofessional
OR
microsoftwindows_xpsp164-bit
OR
microsoftwindows_xpsp1home
OR
microsoftwindows_xpsp1media_center
OR
microsoftwindows_xpsp2home
OR
microsoftwindows_xpsp2media_center

7.9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.056 Low

EPSS

Percentile

93.3%

Related for CVE-2004-1361