CVE-2004-0892

3 documents3 sources

Severity

7.5HIGH

EPSS

10.1%

top 6.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft ISA Server Microsoft Proxy Server Microsoft Windows 2003 Server

Timeline

PublishedJan 27

Latest updateApr 29

Description

Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDmicrosoft/proxy_server2.0

▶NVDmicrosoft/windows_2003_server2000, 2003+1

▶NVDmicrosoft/isa_server2000

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-vpvg-m84j-rpxx: Microsoft Proxy Server 2↗2022-04-29

▶

CVEList

CVE-2004-0892: Microsoft Proxy Server 2↗2004-11-16

▶