CVE-2004-0444

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.

Published: 2004-07-07 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2004-0444 is rated High Risk (79.3/100): CVSS Critical severity, with high exploitation likelihood (EPSS 62.85%, 98th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +4.85% over the last day, indicating growing attacker interest. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2004-0444

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-01-23 58.00% 62.85% +4.85%
2 2025-03-17 89.63% 58.00% -31.63%
3 2024-12-17 89.63%

Full EPSS history (6 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2004-0444

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2004-0444

Affected software / configurations for CVE-2004-0444

Vendor Product Version Raw CPE
symantec client_firewall 5.01 cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*
symantec client_firewall 5.1.1 cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*
symantec client_security 1.0 cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
symantec client_security 1.1 cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
symantec client_security 1.2 cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*
symantec client_security 1.3 cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*
symantec client_security 1.4 cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*
symantec client_security 1.5 cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*
symantec client_security 1.6 cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*
symantec client_security 1.7 cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*
symantec client_security 1.8 cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*
symantec client_security 1.9 cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*
symantec client_security 2.0 cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
symantec norton_antispam 2004 cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*
symantec norton_internet_security 2002 cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*
symantec norton_internet_security 2002 cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*
symantec norton_internet_security 2003 cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
symantec norton_internet_security 2003 cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*
symantec norton_internet_security 2004 cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
symantec norton_internet_security 2004 cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*
symantec norton_personal_firewall 2002 cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*
symantec norton_personal_firewall 2003 cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
symantec norton_personal_firewall 2004 cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*

References for CVE-2004-0444

URL Tags
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html
http://secunia.com/advisories/11066
http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
http://securitytracker.com/id?1010144
http://securitytracker.com/id?1010145
http://securitytracker.com/id?1010146
http://www.ciac.org/ciac/bulletins/o-141.shtml
http://www.kb.cert.org/vuls/id/294998 Patch Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/634414 Patch Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/637318 US Government Resource
http://www.osvdb.org/6099
http://www.osvdb.org/6101
http://www.osvdb.org/6102
http://www.securityfocus.com/bid/10333
http://www.securityfocus.com/bid/10334
http://www.securityfocus.com/bid/10335
https://exchange.xforce.ibmcloud.com/vulnerabilities/16134
https://exchange.xforce.ibmcloud.com/vulnerabilities/16135
https://exchange.xforce.ibmcloud.com/vulnerabilities/16137
cvelogic Threat Intelligence