Vulnerabilities > CVE-2004-0566 - Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.0.1/5.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Oval
accepted 2014-02-24T04:01:46.464-05:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. family windows id oval:org.mitre.oval:def:216 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.01,SP4 Bitmap Integer Overflow Vulnerability version 68 accepted 2014-02-24T04:03:14.169-05:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. family windows id oval:org.mitre.oval:def:306 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.01,SP3 Bitmap Integer Overflow Vulnerability version 67 accepted 2014-02-24T04:03:14.886-05:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. family windows id oval:org.mitre.oval:def:322 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.5,SP2 Bitmap Integer Overflow Vulnerability version 66 accepted 2014-02-24T04:03:20.970-05:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. family windows id oval:org.mitre.oval:def:507 status accepted submitted 2004-07-30T04:00:00.000-04:00 title IE v6.0 Bitmap Integer Overflow Vulnerability version 67 accepted 2014-02-24T04:03:21.423-05:00 class vulnerability contributors name Ingrid Skoog organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. family windows id oval:org.mitre.oval:def:515 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.01,SP2 Bitmap Integer Overflow Vulnerability version 67
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0806.html
- http://www.us-cert.gov/cas/techalerts/TA04-212A.html
- http://www.kb.cert.org/vuls/id/266926
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15210
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A515
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A507
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A322
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A306
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A216
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-025