7.2

CVE-2005-2827

EPSS 3.07%
Published 14.12.2005 01:03:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 19

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000

Microsoft ≫ Windows 2000 Updatesp1

Microsoft ≫ Windows 2000 Updatesp2

Microsoft ≫ Windows 2000 Updatesp3

Microsoft ≫ Windows 2000 Updatesp4

Microsoft ≫ Windows Nt Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.07%	0.863

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/18064

http://secunia.com/advisories/18311

http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf

http://www.vupen.com/english/advisories/2005/2909

http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420

http://secunia.com/advisories/15821

Patch

Vendor Advisory

http://securityreason.com/securityalert/252

http://securitytracker.com/id?1015347

http://www.eeye.com/html/research/advisories/AD20051213.html

http://www.osvdb.org/18823

http://www.securityfocus.com/archive/1/419377/100/0/threaded

http://www.securityfocus.com/bid/15826

Patch

http://www.vupen.com/english/advisories/2005/2868

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-055

https://exchange.xforce.ibmcloud.com/vulnerabilities/23447

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1583

https://nvd.nist.gov/vuln/detail/CVE-2005-2827

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2827

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2827

EUVD