CVE-2004-0978

Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=110616221411579&w=2	Issue Tracking Third Party Advisory
http://www.kb.cert.org/vuls/id/673134	Third Party Advisory US Government Resource
http://www.ngssoftware.com/advisories/heartbeatfull.txt	Broken Link
http://www.securityfocus.com/bid/11367	Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17714	Third Party Advisory VDB Entry
http://marc.info/?l=bugtraq&m=110616221411579&w=2	Issue Tracking Third Party Advisory
http://www.kb.cert.org/vuls/id/673134	Third Party Advisory US Government Resource
http://www.ngssoftware.com/advisories/heartbeatfull.txt	Broken Link
http://www.securityfocus.com/bid/11367	Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17714	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:microsoft:internet_explorer:5.01:sp3::::::
	cpe:2.3:a:microsoft:internet_explorer:5.01:sp4::::::

OR	cpe:2.3:o:microsoft:windows_2000:-:sp3::::::
	cpe:2.3:o:microsoft:windows_2000:-:sp4::::::

Configuration 2 (hide)

AND

cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:a:microsoft:internet_explorer:6:-:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_server_2003:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:
	cpe:2.3:o:microsoft:windows_xp:-:::::::*
	cpe:2.3:o:microsoft:windows_xp:-:-:::::x64:*
	cpe:2.3:o:microsoft:windows_xp:-:sp1::::::
	cpe:2.3:o:microsoft:windows_xp:-:sp2::::::

Configuration 4 (hide)

AND

cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_2000:-:sp3::::::
	cpe:2.3:o:microsoft:windows_2000:-:sp4::::::
	cpe:2.3:o:microsoft:windows_98se:-:::::::*
	cpe:2.3:o:microsoft:windows_me:-:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp6:::terminal_server:::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp6a::::::
	cpe:2.3:o:microsoft:windows_xp:-:::::::*
	cpe:2.3:o:microsoft:windows_xp:-:sp1::::::

History

20 Nov 2024, 23:49

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=110616221411579&w=2 - Issue Tracking, Third Party Advisory~~	() http://marc.info/?l=bugtraq&m=110616221411579&w=2 - Issue Tracking, Third Party Advisory
References	~~() http://www.kb.cert.org/vuls/id/673134 - Third Party Advisory, US Government Resource~~	() http://www.kb.cert.org/vuls/id/673134 - Third Party Advisory, US Government Resource
References	~~() http://www.ngssoftware.com/advisories/heartbeatfull.txt - Broken Link~~	() http://www.ngssoftware.com/advisories/heartbeatfull.txt - Broken Link
References	~~() http://www.securityfocus.com/bid/11367 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/11367 - Third Party Advisory, VDB Entry
References	~~() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 - Patch, Vendor Advisory~~	() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 - Patch, Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/17714 - Third Party Advisory, VDB Entry~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/17714 - Third Party Advisory, VDB Entry

Information

Published : 2005-02-09 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2004-0978

Mitre link : CVE-2004-0978

CVE.ORG link : CVE-2004-0978

JSON object : View

Products Affected

microsoft

windows_xp
windows_nt
internet_explorer
windows_server_2003
windows_me
windows_98se
windows_2000

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2004-0978", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-02-09T05:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=110616221411579&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/673134", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.ngssoftware.com/advisories/heartbeatfull.txt", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/11367", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17714", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=110616221411579&w=2", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/673134", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ngssoftware.com/advisories/heartbeatfull.txt", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/11367", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17714", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4336F0E-75FE-4592-9D98-4F689804956E"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "530FC172-94E1-481A-9810-26061D22B6AC"}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E44D629-D3EB-4F67-BF67-B25910453562"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C69B5E6-D1AF-46F1-8AE6-DD5D4E3D9160"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E3527F41-A6ED-437D-9833-458A2C60C2A3"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "vulnerable": false, "matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:*:*:x64:*", "vulnerable": false, "matchCriteriaId": "B05F3F57-3678-46E2-9963-7B986C2AEFAF"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2572F7E5-75A3-4C11-866B-A4E9ADBD8D08"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "530FC172-94E1-481A-9810-26061D22B6AC"}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5"}, {"criteria": "cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2354216-8103-49F9-A95C-7DE4F738BBEE"}, {"criteria": "cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E44D629-D3EB-4F67-BF67-B25910453562"}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:terminal_server:*:*:*", "vulnerable": false, "matchCriteriaId": "5CEEF2F5-BE40-435C-865B-2D5DDF7C9F5E"}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "14F55877-A759-4C8A-84D5-70508E449799"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2572F7E5-75A3-4C11-866B-A4E9ADBD8D08"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}

10.0 /10