CVE Database · CVE-2004-0848
CVSS v3.1
N/A
EPSS
27.49%
Published
Feb 8, 2005
Modified
Apr 15, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.
Affected Products (22)
References (14)
