Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2003-0907

EPSS 33.77% · P97
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2003-0907

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows Help和Support中心远程命令执行漏洞(MS04-011)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft XP帮助支持中心(Help and Support Center)是一款统一的帮助和支持服务中心,可把所有的支持服务,如远程协助、自动更新、联机帮助以及其他工具等集中在一个地方。 帮助支持中心由于对HCP URL验证处理不正确,远程攻击者可以利用这个漏洞以进程权限在系统上执行任意代码。 攻击者通过构建恶意HCP URL,诱使用户处理,或发送恶意EMAIL消息诱使用户打开,可导致以进程权限在系统上执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2003-0907

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2003-0907

登录查看更多情报信息。

Same Patch Batch · n/a · 2004-04-16 · 30 CVEs total

CVE-2004-0119Microsoft Windows Negotiate SSP 代码问题漏洞
CVE-2004-0403KAME Racoon畸形ISAKMP包远程拒绝服务漏洞
CVE-2004-0391Cisco WLSE和HSE设备默认用户名和密码漏洞
CVE-2004-0388Oracle MySQL 安全漏洞
CVE-2004-0387RealNetworks RealOne Player/RealPlayer Remote R3T文件基于栈的缓冲区溢出漏洞
CVE-2004-0385Oracle 9iAS/10g应用服务器WEB缓冲远程堆溢出漏洞
CVE-2004-0197Microsoft Jet数据库引擎远程任意指令漏洞(MS04-014)
CVE-2004-0180CVS客户端RCS Diff客户端文件覆盖漏洞
CVE-2004-0179Neon WebDAV Client 库格式化字符串漏洞
CVE-2004-0178Linux Kernel存在多个安全漏洞
CVE-2004-0177Linux Kernel EXT3文件系统信息泄露漏洞
CVE-2004-0155Racoon IKE守护程序未授权X.509证书连接漏洞
CVE-2004-0124Microsoft RPC对象身份信息泄露漏洞(MS04-012)
CVE-2004-0123Microsoft ASN.1两次释放堆内存破坏漏洞(MS04-011)
CVE-2004-0120Microsoft Windows SSL远程拒绝服务漏洞(MS04-011)
CVE-2002-0385Vignette StoryServer堆栈内存信息泄露漏洞
CVE-2004-0118Windows VDM TIB本地权限提升漏洞(MS04-011)
CVE-2004-0117Microsoft Windows H.323任意代码执行漏洞(MS04-011)
CVE-2004-0116Microsoft DCOM RPC内存泄露远程拒绝服务漏洞(MS04-012)
CVE-2004-0109Linux Kernel ISO9660文件系统缓冲区溢出漏洞

Showing top 20 of 30 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2003-0907

No comments yet

Leave a comment