7.2

CVE-2005-2827

EPSS 1.72%
Veröffentlicht 14.12.2005 01:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 19

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000

Microsoft ≫ Windows 2000 Updatesp1

Microsoft ≫ Windows 2000 Updatesp2

Microsoft ≫ Windows 2000 Updatesp3

Microsoft ≫ Windows 2000 Updatesp4

Microsoft ≫ Windows Nt Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.72%	0.817

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/18064

http://secunia.com/advisories/18311

http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf

http://www.vupen.com/english/advisories/2005/2909

http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420

http://secunia.com/advisories/15821

Patch

Vendor Advisory

http://securityreason.com/securityalert/252

http://securitytracker.com/id?1015347

http://www.eeye.com/html/research/advisories/AD20051213.html

http://www.osvdb.org/18823

http://www.securityfocus.com/archive/1/419377/100/0/threaded

http://www.securityfocus.com/bid/15826

Patch

http://www.vupen.com/english/advisories/2005/2868

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-055

https://exchange.xforce.ibmcloud.com/vulnerabilities/23447

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1583

https://nvd.nist.gov/vuln/detail/CVE-2005-2827

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2827

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2827

EUVD