7.5
CVE-2005-0044
- EPSS 42.75%
- Published 02.05.2005 04:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability."
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Exchange Server Version5.0
Microsoft ≫ Windows 2000 Updatesp1
Microsoft ≫ Windows 2000 Updatesp2
Microsoft ≫ Windows 2000 Updatesp3
Microsoft ≫ Windows 2000 Updatesp4
Microsoft ≫ Windows 2003 Server Versionenterprise Edition64-bit
Microsoft ≫ Windows 2003 Server Versionenterprise_64-bit
Microsoft ≫ Windows 2003 Server Versionr2 Edition64-bit
Microsoft ≫ Windows 2003 Server Versionr2 Editiondatacenter_64-bit
Microsoft ≫ Windows 2003 Server Versionstandard Edition64-bit
Microsoft ≫ Windows 2003 Server Versionweb
Microsoft ≫ Windows 98 Updategold
Microsoft ≫ Windows Xp Edition64-bit
Microsoft ≫ Windows Xp Editionhome
Microsoft ≫ Windows Xp Editionmedia_center
Microsoft ≫ Windows Xp Updategold Editionprofessional
Microsoft ≫ Windows Xp Updatesp1 Edition64-bit
Microsoft ≫ Windows Xp Updatesp1 Editionhome
Microsoft ≫ Windows Xp Updatesp1 Editionmedia_center
Microsoft ≫ Windows Xp Updatesp2 Editionhome
Microsoft ≫ Windows Xp Updatesp2 Editionmedia_center
Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 42.75% | 0.974 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|