Stack-based Buffer Overflow in Windows Task Scheduler and Internet Explorer 6
CVE-2004-0212

Currently unrated

Key Information:

Vendor

Avaya
Status
Definity One Media Server
Ie
S8100
Ip600 Media Servers
Vendor
CVE Published:
6 August 2004

What is CVE-2004-0212?

This vulnerability arises from a stack-based buffer overflow in the Task Scheduler component of Windows 2000 and XP, as well as Internet Explorer 6 running on Windows NT 4.0. It allows local or remote attackers to execute arbitrary code by crafting a .job file with excessively long parameters. The exploit can be executed through Internet Explorer when accessing a vulnerable .job file on an anonymous share, posing significant risks to system security.

References

http://marc.info/?l=bugtraq&m=108981403025596&w=2
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/16591
vdb-entryx_refsource_XF
http://www.ngssoftware.com/advisories/mstaskjob.txt
x_refsource_MISC

EPSS Score

79% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.