CVE-2004-0848

Severity

75%

Complexity

99%

Confidentiality

106%

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Microsoft

First reported 20 years ago

2005-02-08 05:00:00

Last updated 6 years ago

2018-10-12 21:35:00

Affected Software

Microsoft Office

Microsoft Office XP sp1

xp

Microsoft Office XP sp2

xp

Microsoft Office XP Service Pack 3

xp

Microsoft PowerPoint 2002

2002

Microsoft PowerPoint 2002 sp1

2002

Microsoft PowerPoint 2002 sp2

2002

Microsoft PowerPoint 2002 Service Pack 3

2002

Microsoft Project 2002

2002

Microsoft Project 2002 sp1

2002

Microsoft Visio 2002

2002

Microsoft Visio 2002 sp1

2002

Microsoft Visio 2002 Service Pack 2

2002

Microsoft Visio 2002_sp2 professional

2002

Microsoft Visio 2002_sp2 standard

2002

Microsoft Word 2002

2002

Microsoft Word 2002 sp1

2002

Microsoft Word 2002 sp2

2002

Microsoft Word 2002 Service Pack 3

2002

Microsoft works_suite 2002

2002

Microsoft works_suite 2003

2003

Microsoft Works 2004

2004

References

VU#416001

Patch, Third Party Advisory, US Government Resource

TA05-039A

Patch, Third Party Advisory, US Government Resource

MS05-005

ms-url-bo(19107)

oval:org.mitre.oval:def:2348

oval:org.mitre.oval:def:2738

oval:org.mitre.oval:def:4022

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.