CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0575

Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.724

EPSS Ranking 98.7%

CVSS Severity

CVSS v2 Score 10.0

References

http://marc.info/?l=ntbugtraq&m=109767342326300&w=2
http://securitytracker.com/id?1011637
http://www.ciac.org/ciac/bulletins/p-010.shtml
http://www.eeye.com/html/research/advisories/AD20041012A.html
http://www.kb.cert.org/vuls/id/649374
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-034
https://exchange.xforce.ibmcloud.com/vulnerabilities/17624
https://exchange.xforce.ibmcloud.com/vulnerabilities/17659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1053
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3913
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4276
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6397
http://marc.info/?l=ntbugtraq&m=109767342326300&w=2
http://securitytracker.com/id?1011637
http://www.ciac.org/ciac/bulletins/p-010.shtml
http://www.eeye.com/html/research/advisories/AD20041012A.html
http://www.kb.cert.org/vuls/id/649374
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-034
https://exchange.xforce.ibmcloud.com/vulnerabilities/17624
https://exchange.xforce.ibmcloud.com/vulnerabilities/17659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1053
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3913
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4276
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6397

Products affected by CVE-2004-0575

Microsoft » Windows 2003 Server » Version: 64-bit

cpe:2.3:o:microsoft:windows_2003_server:64-bit
Microsoft » Windows 2003 Server » Version: r2

cpe:2.3:o:microsoft:windows_2003_server:r2
Microsoft » Windows Xp » Version: Any

cpe:2.3:o:microsoft:windows_xp:*
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0575

Products

Pricing

Contact Us