CVE-2004-0848 - Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link

CVE-2004-0848

Summary

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:professional:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:professional:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:standard:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:standard:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 12-10-2018 - 21:35)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

oval via4

accepted

2007-02-20T13:40:08.188-05:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name John Hoyland
organization Centennial Software
name John Hoyland
organization Centennial Software

description

family

windows

oval:org.mitre.oval:def:2348

status

accepted

submitted

2005-03-29T12:00:00.000-04:00

title

Windows Project Professional URL Buffer Overflow

version

accepted

2005-05-04T12:33:00.000-04:00

class

vulnerability

contributors

name	Ingrid Skoog
organization	The MITRE Corporation

description

family

windows

oval:org.mitre.oval:def:2738

status

accepted

submitted

2005-03-29T12:00:00.000-04:00

title

Microsoft Office Visio Professional URL Buffer Overflow

version

accepted

2006-10-07T09:15:46.501-04:00

class

vulnerability

contributors

name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Ingrid Skoog
organization The MITRE Corporation
name Anna Min
organization BigFix, Inc

description

family

windows

oval:org.mitre.oval:def:4022

status

accepted

submitted

2005-02-10T12:00:00.000-04:00

title

Office XP URL Buffer Overflow

version

refmap via4

bugtraq	20050209 Finjan Security Advisory: Microsoft Office XP Remote Buffer Overflow Vulnerability
cert	TA05-039A
cert-vn	VU#416001
vulnwatch	20050209 Finjan Security Advisory: Microsoft Office XP Remote Buffer Overflow Vulnerability
xf	ms-url-bo(19107)

Last major update

12-10-2018 - 21:35

Published

08-02-2005 - 05:00

Last modified

12-10-2018 - 21:35