5

CVE-2005-2119

EPSS 73.49%
Published 12.10.2005 13:04:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.

Affected products Warnungen 0 Metrics 2 CWE 0 References 19

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4 Langfr

Microsoft ≫ Windows 2003 Server Version64-bit

Microsoft ≫ Windows 2003 Server Versionitanium

Microsoft ≫ Windows 2003 Server Versionr2

Microsoft ≫ Windows 2003 Server Versionsp1

Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium

Microsoft ≫ Windows Xp Edition64-bit

Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc

Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	73.49%	0.988

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/17223

http://secunia.com/advisories/17172

http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf

http://secunia.com/advisories/17509

http://www.us-cert.gov/cas/techalerts/TA05-284A.html

US Government Resource

http://secunia.com/advisories/17161

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-051

http://securitytracker.com/id?1015037

http://securityreason.com/securityalert/73

http://www.eeye.com/html/research/advisories/AD20051011b.html

http://www.kb.cert.org/vuls/id/180868

US Government Resource

http://www.osvdb.org/18828

http://www.securityfocus.com/bid/15056

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1071

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1452

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A551

https://nvd.nist.gov/vuln/detail/CVE-2005-2119

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2119

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2119

EUVD