CVE-2004-0978

Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.kb.cert.org/vuls/id/673134	Third Party Advisory US Government Resource
http://www.ngssoftware.com/advisories/heartbeatfull.txt	Broken Link
http://www.securityfocus.com/bid/11367	Third Party Advisory VDB Entry
http://marc.info/?l=bugtraq&m=110616221411579&w=2	Issue Tracking Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17714	Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:microsoft:internet_explorer:5.01:sp3::::::
	cpe:2.3:a:microsoft:internet_explorer:5.01:sp4::::::

OR	cpe:2.3:o:microsoft:windows_2000:-:sp3::::::
	cpe:2.3:o:microsoft:windows_2000:-:sp4::::::

Configuration 2 (hide)

AND

cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:a:microsoft:internet_explorer:6:-:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_server_2003:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:
	cpe:2.3:o:microsoft:windows_xp:-:::::::*
	cpe:2.3:o:microsoft:windows_xp:-:-:::::x64:*
	cpe:2.3:o:microsoft:windows_xp:-:sp1::::::
	cpe:2.3:o:microsoft:windows_xp:-:sp2::::::

Configuration 4 (hide)

AND

cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_2000:-:sp3::::::
	cpe:2.3:o:microsoft:windows_2000:-:sp4::::::
	cpe:2.3:o:microsoft:windows_98se:-:::::::*
	cpe:2.3:o:microsoft:windows_me:-:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp6:::terminal_server:::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp6a::::::
	cpe:2.3:o:microsoft:windows_xp:-:::::::*
	cpe:2.3:o:microsoft:windows_xp:-:sp1::::::

Information

Published : 2005-02-08 21:00

Updated : 2020-12-09 10:35

NVD link : CVE-2004-0978

Mitre link : CVE-2004-0978

JSON object : View

CWE

CWE-787

Out-of-bounds Write

Products Affected

microsoft

windows_98se
windows_nt
windows_xp
internet_explorer
windows_2000
windows_me
windows_server_2003

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.kb.cert.org/vuls/id/673134", "name": "VU#673134", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.ngssoftware.com/advisories/heartbeatfull.txt", "name": "http://www.ngssoftware.com/advisories/heartbeatfull.txt", "tags": ["Broken Link"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/11367", "name": "11367", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://marc.info/?l=bugtraq&m=110616221411579&w=2", "name": "20050119 MSN Heartbeat Control Buffer Overflow", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17714", "name": "heartbeat-activex(17714)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "XF"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038", "name": "MS04-038", "tags": ["Patch", "Vendor Advisory"], "refsource": "MS"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-787"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-0978", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-02-09T05:00Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:terminal_server:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-12-09T18:35Z"}

10.0 /10