CVE-2005-0044

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability."
Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:exchange_server:5.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/927889 - Patch, US Government Resource () http://www.kb.cert.org/vuls/id/927889 - Patch, US Government Resource
References () http://www.us-cert.gov/cas/techalerts/TA05-039A.html - US Government Resource () http://www.us-cert.gov/cas/techalerts/TA05-039A.html - US Government Resource
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/19109 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/19109 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1180 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1180 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2917 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2917 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3568 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3568 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4499 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4499 -

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0044

Mitre link : CVE-2005-0044

CVE.ORG link : CVE-2005-0044


JSON object : View

Products Affected

microsoft

  • exchange_server
  • windows_me
  • windows_98
  • windows_xp
  • windows_98se
  • windows_2000
  • windows_2003_server