CVE-2004-0123

CVE Database · CVE-2004-0123

CVE-2004-0123

· N/AModified

CVSS v3.1

N/A

EPSS

29.75%

Published

Jun 1, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Weaknesses (CWE)

CWE-119

Affected Products (7)

microsoft · windows_2000vulnerable

microsoft · windows_2003_servervulnerable

microsoft · windows_98vulnerable

microsoft · windows_98sevulnerable

microsoft · windows_mevulnerable

microsoft · windows_ntvulnerable

microsoft · windows_xpvulnerable

References (18)

http://www.ciac.org/ciac/bulletins/o-114.shtml

http://www.kb.cert.org/vuls/id/255924

PatchThird Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/10118

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

Third Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

https://exchange.xforce.ibmcloud.com/vulnerabilities/15713

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1007

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1076

KEV Catalog EPSS Scores Vendors All CVEs