7.5
CVE-2005-1987
- EPSS 43.45%
- Veröffentlicht 13.10.2005 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:14:02
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Exchange Server Version2000 Updatesp3
Microsoft ≫ Windows 2000 Version- Updatesp4 Langfr
Microsoft ≫ Windows Server 2003 Version- HwPlatformitanium
Microsoft ≫ Windows Server 2003 Version- HwPlatformx64
Microsoft ≫ Windows Server 2003 Versionr2
Microsoft ≫ Windows Server 2003 Versionsp1
Microsoft ≫ Windows Server 2003 Versionsp1 HwPlatformitanium
Microsoft ≫ Windows Xp Version- HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp1 SwEditiontablet_pc
Microsoft ≫ Windows Xp Version- Updatesp2 SwEditiontablet_pc
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 43.45% | 0.986 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
http://www.us-cert.gov/cas/techalerts/TA05-284A.html
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.html
http://marc.info/?l=bugtraq&m=112915118302012&w=2
http://secunia.com/advisories/17167
http://securitytracker.com/id?1015038
http://securitytracker.com/id?1015039
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ907245
http://www.kb.cert.org/vuls/id/883460
http://www.osvdb.org/19905
http://www.securityfocus.com/bid/15067
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-048
https://exchange.xforce.ibmcloud.com/vulnerabilities/22495
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1130
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1201
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1406
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1420
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1515
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A581
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A848