Executive Summary

Informations
NameMS04-043First vendor Publication0000-00-00
VendorMicrosoftLast vendor Modification0000-00-00
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability in HyperTerminal Could Allow Code Execution (873339)

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS04-043

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-47Buffer Overflow via Parameter Expansion

CWE : Common Weakness Enumeration

%idName

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:4741
 
Oval ID: oval:org.mitre.oval:def:4741
Title: HyperTerminal Session File Vulnerability (Windows 2000)
Description: HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0568
Version: 8
Platform(s): Microsoft Windows 2000
Product(s): HyperTerminal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:4508
 
Oval ID: oval:org.mitre.oval:def:4508
Title: HyperTerminal Session File Vulnerability (Terminal Server)
Description: HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0568
Version: 6
Platform(s): Microsoft Windows NT
Product(s): HyperTerminal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3973
 
Oval ID: oval:org.mitre.oval:def:3973
Title: HyperTerminal Session File Vulnerability (NT 4.0)
Description: HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0568
Version: 7
Platform(s): Microsoft Windows NT
Product(s): HyperTerminal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:3138
 
Oval ID: oval:org.mitre.oval:def:3138
Title: HyperTerminal Session File Vulnerability (Server 2003)
Description: HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0568
Version: 5
Platform(s): Microsoft Windows Server 2003
Product(s): HyperTerminal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2545
 
Oval ID: oval:org.mitre.oval:def:2545
Title: HyperTerminal Session File Vulnerability (Windows XP,SP2)
Description: HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0568
Version: 10
Platform(s): Microsoft Windows XP
Product(s): HyperTerminal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1603
 
Oval ID: oval:org.mitre.oval:def:1603
Title: HyperTerminal Session File Vulnerability (Windows XP,SP1)
Description: HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0568
Version: 10
Platform(s): Microsoft Windows XP
Product(s): HyperTerminal
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os5
Os12
Os48
Os9

Open Source Vulnerability Database (OSVDB)

idDescription
12374Microsoft Windows HyperTerminal Session File Remote Overflow

Nessus® Vulnerability Scanner

DateDescription
2004-12-14Name : Arbitrary code can be executed on the remote host through HyperTerminal.
File : smb_nt_ms04-043.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:45:05
  • Multiple Updates