Arbitrary Code Execution Vulnerability in Microsoft Windows XP, Windows Server 2003, and Exchange Server 2003
CVE-2004-0840 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.
Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.