CVE-2004-0123
CVSS V2 High 7.5
CVSS V3 None
Description
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Overview
- CVE ID
- CVE-2004-0123
- Assigner
- cve@mitre.org
- Vulnerability Status
- Modified
- Published Version
- 2004-06-01T04:00:00
- Last Modified Date
- 2018-10-12T21:34:01
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:* | 1 | OR |
CVSS Version 2
- Version
- 2.0
- Vector String
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Access Vector
- NETWORK
- Access Compatibility
- LOW
- Authentication
- NONE
- Confidentiality Impact
- PARTIAL
- Integrity Impact
- PARTIAL
- Availability Impact
- PARTIAL
- Base Score
- 7.5
- Severity
- HIGH
- Exploitability Score
- 10
- Impact Score
- 6.4
References
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2004-0123 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0123 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-05-10 18:25:29 | Added to TrackCVE |