CVE-2004-0848

Currently unrated

Key Information:

Vendor: Microsoft
Status: Word; Visio; Project; Powerpoint
Vendor: CVE Published:; 8 February 2005

Summary

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.

References

http://www.kb.cert.org/vuls/id/416001

third-party-advisoryx_refsource_CERT-VN

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

40% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 8, 2005
Vulnerability Reserved
Sep 8, 2004

Collectors

NVD DatabaseMitre Database