{"vuid":"VU#616200","idnumber":"616200","name":"Microsoft Windows Shell contains a buffer overflow","keywords":["Microsoft","Windows","buffer overflow","Shell","MS04-037"],"overview":"A remotely exploitable buffer overflow vulnerability exists in the Microsoft Windows Shell.","clean_desc":"The Microsoft Windows Shell provides the basic human-computer interface for Windows systems. Microsoft describes the Shell as follows: The Windows Shell is responsible for providing the basic framework of the Windows user interface experience. It is most familiar to users as the Windows Desktop, but also provides a variety of other functions to help define the user's computing session, including organizing files and folders, and providing the means to start applications. A buffer overflow exists in the process the Windows Shell uses to launch applications. If an attacker can persuade a user to visit a specially crafted web page the attacker may be able to execute arbitrary code with the privileges of the current user. For more detailed information and for a list of vulnerable software, see Microsoft Security Bulletin MS04-037. Please also note that this advisory replaces MS04-024 for Microsoft Windows NT 4.0, 2000, XP, and Server 2003.","impact":"If a remote attacker can persuade a user to visit a specially crafted web page, the attacker may be able to execute arbitrary code on that user's system, possibly with elevated privileges.","resolution":"Apply Patch Apply a patch as described in Microsoft Security Bulletin  MS04-037. Please also note that Microsoft is actively deploying the patches for this vulnerability via Windows Update.","workarounds":"","sysaffected":"","thanks":"Microsoft has published Microsoft Security Bulletin \nMS04-037\n to address this vulnerability. Microsoft credits Yorick Koster of \nITsec Security Services\n providing information regarding this vulnerability.","author":"This document was written by Jeff Gennari.","public":["http://www.microsoft.com/technet/security/bulletin/MS04-037.mspx","http://securitytracker.com/alerts/2004/Oct/1011647.html"],"cveids":["CVE-2004-0214"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-10-12T20:14:27Z","publicdate":"2004-10-12T00:00:00Z","datefirstpublished":"2004-11-23T13:03:30Z","dateupdated":"2004-11-23T20:10:27Z","revision":60,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"6","cam_population":"15","cam_impact":"18","cam_easeofexploitation":"15","cam_attackeraccessrequired":"17","cam_scorecurrent":"27.1096875","cam_scorecurrentwidelyknown":"33.564375","cam_scorecurrentwidelyknownexploited":"59.383125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":27.1096875,"vulnote":null}