CVE-2004-0840 Information
Description
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition Windows Server 2003 Windows Server 2003 64-bit Edition and the Exchange Routing Engine component of Exchange Server 2003 allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.
Reference
http://www.kb.cert.org/vuls/id/394792 http://www.securityfocus.com/bid/11374 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035 https://exchange.xforce.ibmcloud.com/vulnerabilities/17621 https://exchange.xforce.ibmcloud.com/vulnerabilities/17660 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2300 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A3460 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5509
Share on: