Description
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
References (9)
Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9406
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/10611
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/749342
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1008698
Various Sources x_refsource_misc
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.cert.org/advisories/CA-2004-01.html
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9408
Scores
EPSS
0.4087
EPSS Percentile
98.5%
Details
CWE
CWE-119
Status
published
Products (1)
microsoft/proxy_server
2.0 (2 CPE variants)
Published
Feb 17, 2004
Tracked Since
Feb 18, 2026