CVE-2004-0574

Microsoft Windows NT Server <4.0-2003 - RCE

Title source: llm

Description

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Lucas Lavarello · perldoswindows

https://www.exploit-db.com/exploits/578

View Code ZIP pw:eip

References (12)

[Third Party Advisory] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5070

[Third Party Advisory] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17641

[Mailing List, Third Party Advisory] http://marc.info/?l=bugtraq&m=109761632831563&w=2

[Third Party Advisory] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4392

[Broken Link] http://www.ciac.org/ciac/bulletins/p-012.shtml

[Third Party Advisory] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A246

[Patch, Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/203126

[Third Party Advisory] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5926

[Third Party Advisory] http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17661

Scores

EPSS 0.8537

EPSS Percentile 99.4%

Details

CWE

CWE-787

Status published

Products (5)

microsoft/exchange_server 2000

microsoft/exchange_server 2003

microsoft/windows_2000

microsoft/windows_nt 4.0

microsoft/windows_server_2003 r2

Published Nov 03, 2004

Tracked Since Feb 18, 2026