[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-0047Date: (C)2005-05-02   (M)2023-12-22


Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
http://marc.info/?l=bugtraq&m=111755870828817&w=2
MS05-012
TA05-039A
VU#597889
http://www.argeniss.com/research/SSExploit.c
oval:org.mitre.oval:def:1159
oval:org.mitre.oval:def:2351
oval:org.mitre.oval:def:2892
oval:org.mitre.oval:def:901
win-com-gain-privileges(19105)

CPE    10
cpe:/o:microsoft:windows_xp::sp1:media_center
cpe:/o:microsoft:windows_xp::sp2:media_center
cpe:/o:microsoft:windows_2000::sp3
cpe:/o:microsoft:windows_2000::sp4
...
OVAL    4
oval:org.mitre.oval:def:1159
oval:org.mitre.oval:def:2892
oval:org.mitre.oval:def:901
oval:org.mitre.oval:def:2351
...

© SecPod Technologies