CVE-2004-0214

Internet Explorer on Windows XP SP1/2000/98/Me - Buffer Overflow via Long Share Names

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0214. PoCs published by Rodrigo Gutierrez.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Microsoft Windows SMB share handling. It uses an overly long share name to trigger a crash or potential arbitrary code execution in explorer.exe or Internet Explorer.

Description

Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Rodrigo Gutierrez · textdoswindows
https://www.exploit-db.com/exploits/24051

This exploit targets a buffer overflow vulnerability in Microsoft Windows SMB share handling. It uses an overly long share name to trigger a crash or potential arbitrary code execution in explorer.exe or Internet Explorer.

Classification
Working Poc 80%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Microsoft Windows (various versions)
No auth needed
Prerequisites: Network access to target system · SMB service exposed
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17
Core References
Vendor Advisory vendor-advisory x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B322857
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2638
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1011647
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5307
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1601
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10213
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17662
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/5687
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/616200
Vendor Advisory mailing-list x_refsource_fulldisc
http://seclists.org/lists/fulldisclosure/2004/Apr/0933.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4345
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11482/
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1749
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15956
Vendor Advisory mailing-list x_refsource_bugtraq
http://seclists.org/lists/bugtraq/2004/Apr/0322.html

Scores

EPSS 0.5101
EPSS Percentile 98.8%

Details

Status published
Products (5)
microsoft/internet_explorer 6.0.2900
microsoft/windows_2000
microsoft/windows_98
microsoft/windows_me
microsoft/windows_xp
Published Nov 03, 2004
Tracked Since Feb 18, 2026