CVE-2004-0848

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:professional:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:sp2:standard:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-02-08 05:00

Updated : 2024-02-04 16:52


NVD link : CVE-2004-0848

Mitre link : CVE-2004-0848

CVE.ORG link : CVE-2004-0848


JSON object : View

Products Affected

microsoft

  • office
  • works
  • project
  • word
  • visio
  • powerpoint