VDB
CVE-2004-0206
CVE-2004-0206
PUBLISHED
KEV
CVSS 7.5 HIGH
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
EPSS 80.40% · 99.1th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
80.40%
99.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_xp | |
| microsoft | windows_2003_server | r2 |
| microsoft | windows_98 | |
| microsoft | windows_nt | 4.0 |
| microsoft | windows_2000 | |
| n/a | n/a | n/a |
Timeline
- Oct 16, 2004 CVE Published
- Jul 3, 2010 PoC Published
- Sep 23, 2010 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- win-ms04031-patch(17657) vdb
- oval:org.mitre.oval:def:2394 vdb
- oval:org.mitre.oval:def:4592 vdb
- 11372 vdb
- VU#640488 third-party-advisory
- oval:org.mitre.oval:def:3120 vdb
- oval:org.mitre.oval:def:1852 vdb
- 20041013 Microsoft Windows NetDDE Service Buffer Overflow mailing-list
- 12803 third-party-advisory
- MS04-031 vendor-advisory
- win-netdde-bo(16556) vdb
- oval:org.mitre.oval:def:5074 vdb
- oval:org.mitre.oval:def:6788 vdb
- oval:org.mitre.oval:def:3242 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2004-0206 advisory
- http://secunia.com/advisories/12803 url