CVE-2004-0212

Published: Aug 6, 2004Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.

Affected (18)

Products: Avaya: Definity One Media Server, Ip600 Media Servers, S8100, Modular Messaging Message Storage Server · Microsoft: Ie, Windows 2000, Windows Nt, Windows Xp

4 products

Definity One Media Server

Ip600 Media Servers

Modular Messaging Message Storage Server

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Avaya Definity One Media Server	All versions
Avaya Ip600 Media Servers	All versions
Avaya S8100	All versions
Microsoft Ie	Version 6.0 sp1

Configuration B

14 vulnerable

Vulnerable Software	Affected Versions
Avaya Modular Messaging Message Storage Server	Version s3400
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows Nt	Version 4.0 sp6a
Microsoft Windows Nt	Version 4.0 sp6a
Microsoft Windows Nt	Version 4.0 sp6a
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions

References (24)

http://marc.info/?l=bugtraq&m=108981273009250&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=108981403025596&w=2

Source: cve@mitre.org

http://secunia.com/advisories/12060

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/228028

Source: cve@mitre.org

US Government Resource

http://www.ngssoftware.com/advisories/mstaskjob.txt

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA04-196A.html

Source: cve@mitre.org

PatchThird Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-022

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/16591

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1344

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1781

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1964

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3428

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=108981273009250&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=108981403025596&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/12060

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/228028

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.ngssoftware.com/advisories/mstaskjob.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA04-196A.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-022

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/16591

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1344

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1781

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1964

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3428

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.