Vulnerabilities > CVE-2004-1306 - Unspecified vulnerability in Microsoft products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

exploit available

NVD

Published: 2004-12-31

Updated: 2019-04-30

Summary

Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows NT 4.0 Microsoft Windows 2003 Server Web Microsoft Windows 2003 Server Enterprise Microsoft Windows 2003 Server Enterprise_64-Bit Microsoft Windows 2003 Server Datacenter_64-Bit Microsoft Windows 2003 Server Standard Microsoft Windows 2003 Server R2 Microsoft Windows XP * Microsoft Windows 2000 *	58

Exploit-Db

description	Microsoft Windows 2000/2003/XP winhlp32 Phrase Integer Overflow Vulnerability. CVE-2004-1306 . Remote exploit for windows platform
id	EDB-ID:25049
last seen	2016-02-03
modified	2004-12-23
published	2004-12-23
reporter	flashsky fangxing
source	https://www.exploit-db.com/download/25049/
title	Microsoft Windows 2000/2003/XP winhlp32 Phrase Integer Overflow Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References