7.5

CVE-2005-2123

EPSS 82.62%
Veröffentlicht 29.11.2005 21:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 19

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4 Langfr

Microsoft ≫ Windows 2003 Server Version64-bit

Microsoft ≫ Windows 2003 Server Versionitanium

Microsoft ≫ Windows 2003 Server Versionr2

Microsoft ≫ Windows 2003 Server Versionsp1

Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium

Microsoft ≫ Windows Xp Edition64-bit

Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc

Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	82.62%	0.992

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/17223

http://secunia.com/advisories/17461

http://securitytracker.com/id?1015168

http://support.avaya.com/elmodocs2/security/ASA-2005-228.pdf

http://www.us-cert.gov/cas/techalerts/TA05-312A.html

US Government Resource

http://www.vupen.com/english/advisories/2005/2348

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-053

http://secunia.com/advisories/17498

http://www.eeye.com/html/research/advisories/AD20051108b.html

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/300549

Patch

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/15352

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1063

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1175

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1263

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1546

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A701

https://nvd.nist.gov/vuln/detail/CVE-2005-2123

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2123

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2123

EUVD