CVE-2004-0978

Description

Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.

Related CPE's

Could not find any relations

References

VU#673134

Third Party AdvisoryUS Government Resource

http://www.ngssoftware.com/advisories/heartbeatfull.txt

Broken Link

11367

Third Party AdvisoryVDB Entry

20050119 MSN Heartbeat Control Buffer Overflow

Issue TrackingThird Party Advisory

heartbeat-activex(17714)

Third Party AdvisoryVDB Entry

MS04-038

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:L/Au:N/C:C/I:C/A:C
AccessVector	NETWORK
AccessComplexity	LOW
Authentication	NONE
ConfidentialityImpact	COMPLETE
IntegrityImpact	COMPLETE
AvailabilityImpact	COMPLETE
BaseScore	10

Created by Yello

About Severity.io