CVE-2004-0214

Summary

Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.

Impact & exploitability

AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected products we track (1)

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

• NVD record
• http://seclists.org/lists/bugtraq/2004/Apr/0322.htmlAdvisory
• http://seclists.org/lists/fulldisclosure/2004/Apr/0933.htmlAdvisory
• http://secunia.com/advisories/11482/
• http://securitytracker.com/id?1011647
• http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B322857
• http://www.kb.cert.org/vuls/id/616200
• http://www.osvdb.org/5687
• http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html