CVE-2004-0209

high

Description

Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2428

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2114

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1872

https://exchange.xforce.ibmcloud.com/vulnerabilities/17658

https://exchange.xforce.ibmcloud.com/vulnerabilities/16581

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-032

http://www.securityfocus.com/bid/11375

http://www.kb.cert.org/vuls/id/806278

http://marc.info/?l=bugtraq&m=109829067325779&w=2

Details

Source: Mitre, NVD

Published: 2004-11-03

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High