CVE-2004-0201
Summary
| CVE | CVE-2004-0201 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-08-06 04:00:00 UTC |
| Updated | 2019-04-30 14:27:00 UTC |
| Description | Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Avaya | Definity One Media Server | All | All | All | All |
| Hardware | Avaya | Definity One Media Server | All | All | All | All |
| Application | Avaya | Ip600 Media Servers | All | All | All | All |
| Application | Avaya | Ip600 Media Servers | All | All | All | All |
| Operating System | Avaya | Modular Messaging Message Storage Server | s3400 | All | All | All |
| Operating System | Avaya | Modular Messaging Message Storage Server | s3400 | All | All | All |
| Hardware | Avaya | S8100 | All | All | All | All |
| Hardware | Avaya | S8100 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 98 | All | gold | All | All |
| Operating System | Microsoft | Windows 98 | All | gold | All | All |
| Operating System | Microsoft | Windows 98se | All | All | All | All |
| Operating System | Microsoft | Windows 98se | All | All | All | All |
| Operating System | Microsoft | Windows Me | All | All | All | All |
| Operating System | Microsoft | Windows Me | All | All | All | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6a | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6a | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6a | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | All | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp1 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp2 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp3 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp4 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp5 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | terminal_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6 | workstation | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6a | enterprise_server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6a | server | All |
| Operating System | Microsoft | Windows Nt | 4.0 | sp6a | workstation | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| US-CERT Technical Cyber Security Alert TA04-196A -- Multiple Vulnerabilities in Microsoft Windows Components and Outlook Express | CERT | www.us-cert.gov | Patch, Third Party Advisory, US Government Resource |
| Microsoft Security Bulletin MS04-023 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| US-CERT Vulnerability Note VU#920060 | CERT-VN | www.kb.cert.org | Patch, Third Party Advisory, US Government Resource |
| [Full-Disclosure] HtmlHelp - .CHM File Heap Overflow | FULLDISC | lists.grok.org.uk | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.