CVE-2004-0199 - Unspecified vulnerability in Microsoft Windows 2003 Server and Windows XP
Attack vector | NETWORK |
Attack complexity | HIGH |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
Summary
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | | 13 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS04-015.NASL |
description | The remote host contains bugs in the Microsoft Help and Support Center in the way it handles HCP URL validation. (840374) An attacker could use this bug to execute arbitrary commands on the remote host. To exploit this bug, an attacker would need to lure a user of the remote host into visiting a rogue website or to click on a link received in an email. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 12235 |
published | 2004-05-11 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/12235 |
title | MS04-015: Microsoft Help Center Remote Code Execution (840374) |
Oval
oval:org.mitre.oval:def:1008
accepted | 2011-05-16T04:00:10.455-04:00 |
class | vulnerability |
contributors | Harvey Rubinovitz (The MITRE Corporation); Christine Walzer (The MITRE Corporation); John Hoyland (Centennial Software); Dragos Prisaca (Gideon Technologies, Inc.); Shane Shaffer (G2, Inc.); Sudhir Gandhe (Telos); Shane Shaffer (G2, Inc.) |
description | Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm). |
family | windows |
id | oval:org.mitre.oval:def:1008 |
status | accepted |
submitted | 2004-05-12T12:00:00.000-04:00 |
title | Windows XP Help and Support Center HCP URL Validation Vulnerability |
version | 73 |

oval:org.mitre.oval:def:1032
accepted | 2006-09-27T12:28:20.916-04:00 |
class | vulnerability |
contributors | Harvey Rubinovitz (The MITRE Corporation); John Hoyland (Centennial Software) |
description | Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm). |
family | windows |
id | oval:org.mitre.oval:def:1032 |
status | accepted |
submitted | 2004-05-12T12:00:00.000-04:00 |
title | Windows Server 2003 Help and Support Center HCP URL Validation Vulnerability |
version | 65 |
References
- http://marc.info/?l=bugtraq&m=108437759930820&w=2
- http://marc.info/?l=full-disclosure&m=108430407801825&w=2
- http://www.exploitlabs.com/files/advisories/EXPL-A-2004-001-helpctr.txt
- http://www.kb.cert.org/vuls/id/484814
- http://www.securityfocus.com/bid/10321
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-015
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16095
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1008
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1032