VDB

CVE-2004-0201

CVE-2004-0201 PUBLISHED CVSS 10 CRITICAL

Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.

EPSS 50.68% · 97.9th percentile

Risk Scores

CVSS 2.0
10
EPSS Score
50.68%
97.9th percentile

Affected Products

VendorProductVersions
microsoftwindows_nt4.0, 4.0, 4.0
microsoftwindows_me
microsoftwindows_98
microsoftwindows_xp
avayamodular_messaging_message_storage_servers3400
n/an/an/a
microsoftwindows_98se
microsoftwindows_2003_serverr2, enterprise, enterprise_64-bit
avayaip600_media_servers
avayas8100
microsoftwindows_2000
avayadefinity_one_media_server

Timeline

  • Jul 14, 2004 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score
  • Oct 30, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›