Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1649

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-1649
Last Modified 05 Sep 2008 04:41:58
Published 31 Aug 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-1649

Summary

Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


References

XF - msinfo-msinfofile-bo(17153)

FULLDISC - 20040830 MSInfo Buffer Overflow

BUGTRAQ - 20040831 MSInfo Buffer Overflow


Last Updated: 27 May 2016 10:39:08