Vulnerability Note VU#353956
Microsoft Windows H.323 implementation fails to handle malformed requests
A vulnerabilities in Microsoft Windows' implementation of the multimedia telephony protocol H.323 could lead to the ability to remotely execute arbitrary code on the system.
Microsoft Windows' implementation of the H.323 protocol contains a buffer overflow in the handling of requests. An attacker may be able to send a crafted request to the vulnerable system and exploit this vulnerability to execute arbitrary code. This vulnerability affects the following systems:
An attacker may be able to send a crafted request to the vulnerable system and exploit this vulnerability to execute arbitrary code.
Apply a patch from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||14 Apr 2004|
CVSS Metrics (Learn More)
Thanks to Microsoft for reporting this vulnerability.
This document was written by Jason A Rafail.
- CVE IDs: CAN-2004-0117
- Date Public: 13 Apr 2004
- Date First Published: 14 Apr 2004
- Date Last Updated: 14 Apr 2004
- Severity Metric: 34.26
- Document Revision: 3
If you have feedback, comments, or additional information about this vulnerability, please send us email.