CVE Vulnerabilities

CVE-2004-0199

Published: Jun 14, 2004 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).

Affected Software

Name Vendor Start Version End Version
Windows_2003_server Microsoft enterprise enterprise
Windows_2003_server Microsoft enterprise_64-bit enterprise_64-bit
Windows_2003_server Microsoft r2 r2
Windows_2003_server Microsoft r2 r2
Windows_2003_server Microsoft r2 r2
Windows_2003_server Microsoft standard standard
Windows_2003_server Microsoft web web
Windows_xp Microsoft * *
Windows_xp Microsoft * *
Windows_xp Microsoft * *
Windows_xp Microsoft * *
Windows_xp Microsoft * *
Windows_xp Microsoft * *

References