VDB

CVE-2004-0840

CVE-2004-0840 PUBLISHED CVSS 10 CRITICAL

The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.

EPSS 38.71% · 97.3th percentile

Risk Scores

CVSS 2.0
10
EPSS Score
38.71%
97.3th percentile

Affected Products

VendorProductVersions
microsoftwindows_server_2003r2
n/an/an/a
microsoftexchange_server2003
microsoftwindows_xp

Timeline

  • CVE Published
  • Feb 4, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score
  • Oct 30, 2023 EPSS Score
  • Dec 22, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›