CVE-2004-0848

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:professional:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:standard:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*

History

20 Nov 2024, 23:49

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/416001 - Patch, Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/416001 - Patch, Third Party Advisory, US Government Resource
References () http://www.us-cert.gov/cas/techalerts/TA05-039A.html - Patch, Third Party Advisory, US Government Resource () http://www.us-cert.gov/cas/techalerts/TA05-039A.html - Patch, Third Party Advisory, US Government Resource
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-005 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-005 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/19107 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/19107 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2348 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2348 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2738 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2738 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4022 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4022 -

Information

Published : 2005-02-08 05:00

Updated : 2024-11-20 23:49


NVD link : CVE-2004-0848

Mitre link : CVE-2004-0848

CVE.ORG link : CVE-2004-0848


JSON object : View

Products Affected

microsoft

  • works
  • visio
  • project
  • powerpoint
  • word
  • office