← Back

CVE-2004-0848

nvd nist
Published: Feb 8, 2005Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.

Affected (22)

Microsoft
6 products
Office
Powerpoint
Project
Visio
Word
Works
Configuration A
22 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Office
All versions
Office
Version xp sp1
Office
Version xp sp2
Office
Version xp sp3
Microsoft
Powerpoint
Version 2002
Powerpoint
Version 2002 sp1
Powerpoint
Version 2002 sp2
Powerpoint
Version 2002 sp3
Microsoft
Project
Version 2002
Project
Version 2002 sp1
Microsoft
Visio
Version 2002
Visio
Version 2002 sp1
Visio
Version 2002 sp2
Visio
Version 2002 sp2
Visio
Version 2002 sp2
Microsoft
Word
Version 2002
Word
Version 2002 sp1
Word
Version 2002 sp2
Word
Version 2002 sp3
Microsoft
Works
Version 2002
Works
Version 2003
Works
Version 2004

References (14)

Source: cve@mitre.org
PatchThird Party AdvisoryUS Government Resource
Source: cve@mitre.org
PatchThird Party AdvisoryUS Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.