Stack-based Buffer Overflow in Windows Task Scheduler and Internet Explorer 6
CVE-2004-0212

Currently unrated

Key Information:

Vendor: Avaya
Status: Definity One Media Server; Ie; S8100; Ip600 Media Servers
Vendor: CVE Published:; 6 August 2004

Summary

This vulnerability arises from a stack-based buffer overflow in the Task Scheduler component of Windows 2000 and XP, as well as Internet Explorer 6 running on Windows NT 4.0. It allows local or remote attackers to execute arbitrary code by crafting a .job file with excessively long parameters. The exploit can be executed through Internet Explorer when accessing a vulnerable .job file on an anonymous share, posing significant risks to system security.

References

http://marc.info/?l=bugtraq&m=108981403025596&w=2

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/16591

vdb-entryx_refsource_XF

http://www.ngssoftware.com/advisories/mstaskjob.txt

x_refsource_MISC

EPSS Score

76% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 6, 2004
Vulnerability Reserved
Mar 11, 2004