Lucene search

[email protected]NVD:CVE-2004-0200

HistorySep 28, 2004 - 4:00 a.m.

CVE-2004-0200

2004-09-2804:00:00

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.957 High

EPSS

Percentile

99.4%

JSON

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.

Affected configurations

NVD

Node

microsoft.net_frameworkMatch1.0sp2sdk

microsoftdigital_image_proMatch7.0

microsoftdigital_image_proMatch9

microsoftdigital_image_suiteMatch9

microsoftexcelMatch2002

microsoftexcelMatch2003

microsoftfrontpageMatch2002

microsoftfrontpageMatch2003

microsoftgreetingsMatch2002

microsoftinfopathMatch2003

microsoftofficeMatch2003

microsoftofficeMatchxpsp3

microsoftonenoteMatch2003

microsoftoutlookMatch2002

microsoftoutlookMatch2003

microsoftpicture_itMatch7.0

microsoftpicture_itMatch9

microsoftpicture_itMatch2002

microsoftpowerpointMatch2002

microsoftpowerpointMatch2003

microsoftproducergoldoffice_powerpoints

microsoftprojectMatch2002sp1

microsoftprojectMatch2003

microsoftpublisherMatch2002

microsoftpublisherMatch2003

microsoftvisioMatch2002sp2

microsoftvisioMatch2003

microsoftvisual_basicMatch2002.net_standard

microsoftvisual_basicMatch2003.net_standard

microsoftvisual_c\#Match2002.net_standard

microsoftvisual_c\#Match2003.net_standard

microsoftvisual_c\+\+Match2002.net_standard

microsoftvisual_c\+\+Match2003.net_standard

microsoftvisual_j\#_.netMatch2003.net_standard

microsoftvisual_studio_.netMatch2002gold

microsoftvisual_studio_.netMatch2003gold

microsoftwordMatch2002

microsoftwordMatch2003

Node

microsoftwindows_2003_serverMatchr2

microsoftwindows_xp64-bit

microsoftwindows_xpgold

microsoftwindows_xpsp164-bit

microsoftwindows_xpsp1tablet_pc

References

marc.info/?l=bugtraq&m=109524346729948&w=2

www.kb.cert.org/vuls/id/297462

www.us-cert.gov/cas/techalerts/TA04-260A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028

exchange.xforce.ibmcloud.com/vulnerabilities/16304

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.957 High

EPSS

Percentile

99.4%

JSON

Related for NVD:CVE-2004-0200

nessus3 cve1 securityvulns2 checkpoint_advisories2 cvelist1 cert1