7.5

CVE-2005-1987

Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftExchange Server Version2000 Updatesp3
MicrosoftWindows 2000 Version- Updatesp4 Langfr
MicrosoftWindows Server 2003 Version- HwPlatformitanium
MicrosoftWindows Server 2003 Version- HwPlatformx64
MicrosoftWindows Server 2003 Versionsp1 HwPlatformitanium
MicrosoftWindows Xp Version- HwPlatformx64
MicrosoftWindows Xp Version- Updatesp1 SwEditiontablet_pc
MicrosoftWindows Xp Version- Updatesp2 SwEditiontablet_pc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 43.45% 0.986
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

http://www.us-cert.gov/cas/techalerts/TA05-284A.html
Third Party Advisory
US Government Resource
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html
Broken Link
http://marc.info/?l=bugtraq&m=112915118302012&w=2
Third Party Advisory
Mailing List
http://secunia.com/advisories/17167
Third Party Advisory
http://securitytracker.com/id?1015038
Third Party Advisory
VDB Entry
http://securitytracker.com/id?1015039
Third Party Advisory
VDB Entry
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ907245
http://www.kb.cert.org/vuls/id/883460
Third Party Advisory
US Government Resource
http://www.osvdb.org/19905
Broken Link
http://www.securityfocus.com/bid/15067
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-048
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/22495
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1130
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1201
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1406
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1420
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1515
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A581
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A848
Third Party Advisory