CVE-2004-0978: Buffer Overflow
First published: Thu Oct 21 2004(Updated: )
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Explorer | =5.01-sp3 | |
| Microsoft Internet Explorer | =5.01-sp4 | |
| Microsoft Windows 2000 | =sp3 | |
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Internet Explorer | =5.5-sp2 | |
| Microsoft Windows Me | ||
| Microsoft Internet Explorer | =6 | |
| Microsoft Windows Server 2003 | ||
| Microsoft Windows Server 2003 | ||
| Microsoft Windows XP | ||
| Microsoft Windows XP | ||
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Internet Explorer | =6-sp1 | |
| Microsoft Windows 98SE | ||
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0-sp6a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.kb.cert.org/vuls/id/673134
- http://www.ngssoftware.com/advisories/heartbeatfull.txt
- http://www.securityfocus.com/bid/11367
- http://marc.info/?l=bugtraq&m=110616221411579&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17714
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft internet explorer
- version/microsoft internet explorer/5.01-sp3
- version/microsoft internet explorer/5.01-sp4
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp3
- version/microsoft windows 2000/sp4
- version/microsoft internet explorer/5.5-sp2
- canonical/microsoft windows me
- version/microsoft internet explorer/6
- canonical/microsoft windows server 2003
- canonical/microsoft windows xp
- version/microsoft windows xp/sp1
- version/microsoft windows xp/sp2
- version/microsoft internet explorer/6-sp1
- canonical/microsoft windows 98se
- canonical/microsoft windows nt
- version/microsoft windows nt/4.0-sp6
- version/microsoft windows nt/4.0-sp6a