Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0214Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
78.3%
top 0.97%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedNov 3
Latest updateApr 29

Description

Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-h3h6-mm98-c6p9: Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious ser2022-04-29

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows XP/2000/NT 4.0 - Shell Long Share Name Buffer Overrun2004-04-25
CVE-2004-0214 — Microsoft vulnerability | cvebase