CVE-2004-0212
CVE-2004-0212
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/353unverifiedexploitdbwww.exploit-db.com/exploits/368unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://marc.info/?l=bugtraq&m=108981273009250&w=2http://marc.info/?l=bugtraq&m=108981403025596&w=2https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-022http://secunia.com/advisories/12060https://exchange.xforce.ibmcloud.com/vulnerabilities/16591https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1344https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1781https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1964https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3428http://www.kb.cert.org/vuls/id/228028http://www.ngssoftware.com/advisories/mstaskjob.txthttp://www.us-cert.gov/cas/techalerts/TA04-196A.html