ID CVE-2004-0117
Summary Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
References
Vulnerable Configurations
  • Microsoft NetMeeting 3
    cpe:2.3:a:microsoft:netmeeting:3
  • Microsoft Windows 2000
    cpe:2.3:o:microsoft:windows_2000
  • cpe:2.3:o:microsoft:windows_2003_server:r2
    cpe:2.3:o:microsoft:windows_2003_server:r2
  • Microsoft windows 98_gold
    cpe:2.3:o:microsoft:windows_98:-:gold
  • Microsoft Windows ME
    cpe:2.3:o:microsoft:windows_me
  • Microsoft windows xp_gold
    cpe:2.3:o:microsoft:windows_xp:-:gold
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS04-011.NASL
description The remote host is missing a critical Microsoft Windows Security Update (835732). This update fixes various flaws that could allow an attacker to execute arbitrary code on the remote host. A series of worms (Sasser) are known to exploit this vulnerability in the wild.
last seen 2019-02-21
modified 2018-11-15
plugin id 12205
published 2004-04-13
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=12205
title MS04-011: Microsoft Hotfix (credentialed check) (835732)
oval via4
  • accepted 2004-05-25T12:00:00.000-04:00
    class vulnerability
    contributors
    name Jonathan Baker
    organization The MITRE Corporation
    description Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
    family windows
    id oval:org.mitre.oval:def:907
    status accepted
    submitted 2004-04-13T12:00:00.000-04:00
    title Windows 2000 H.323 Protocol Remote Code Execution Vulnerability
    version 63
  • accepted 2015-08-10T04:01:12.151-04:00
    class vulnerability
    contributors
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    comment Microsoft Windows Server 2003 is installed
    oval oval:org.mitre.oval:def:128
    description Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
    family windows
    id oval:org.mitre.oval:def:946
    status accepted
    submitted 2004-04-13T12:00:00.000-04:00
    title Windows Server 2003 H.323 Protocol Remote Code Execution Vulnerability
    version 68
  • accepted 2015-08-10T04:01:12.568-04:00
    class vulnerability
    contributors
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    • comment Microsoft Windows XP (32-bit) is installed
      oval oval:org.mitre.oval:def:1353
    • comment Microsoft Windows XP SP1 (32-bit) is installed
      oval oval:org.mitre.oval:def:1
    description Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
    family windows
    id oval:org.mitre.oval:def:964
    status accepted
    submitted 2004-04-13T12:00:00.000-04:00
    title Windows XP H.323 Protocol Remote Code Execution Vulnerability
    version 71
refmap via4
cert TA04-104A
cert-vn VU#353956
ciac O-114
ms MS04-011
xf win-h323-bo(15710)
Last major update 10-09-2008 - 15:25
Published 01-06-2004 - 00:00
Last modified 12-10-2018 - 17:33
Back to Top