Remote Code Execution Vulnerability in H.323 Protocol of Microsoft Windows
CVE-2004-0117

Currently unrated

Key Information:

Vendor: Microsoft
Status: Netmeeting
Vendor: CVE Published:; 1 June 2004

Summary

The H.323 protocol implementation in Microsoft Windows 98, 2000, XP, and Server 2003 contains a vulnerability that enables remote attackers to execute arbitrary code on affected systems. This flaw arises from the improper handling of data, which can be exploited through malicious H.323 packets. If successfully executed, the attacker can gain control of the victim's machine, potentially leading to data theft or further exploitation. It is crucial for users and organizations to apply security patches provided by Microsoft to mitigate this risk.

References

http://www.ciac.org/ciac/bulletins/o-114.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

41% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 1, 2004
Vulnerability Reserved
Feb 3, 2004