CVE-2005-0047

Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
References
Link Resource
http://marc.info/?l=bugtraq&m=111755870828817&w=2
http://www.argeniss.com/research/SSExploit.c
http://www.kb.cert.org/vuls/id/597889 Patch US Government Resource
http://www.us-cert.gov/cas/techalerts/TA05-039A.html Patch US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012
https://exchange.xforce.ibmcloud.com/vulnerabilities/19105
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2351
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2892
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A901
http://marc.info/?l=bugtraq&m=111755870828817&w=2
http://www.argeniss.com/research/SSExploit.c
http://www.kb.cert.org/vuls/id/597889 Patch US Government Resource
http://www.us-cert.gov/cas/techalerts/TA05-039A.html Patch US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012
https://exchange.xforce.ibmcloud.com/vulnerabilities/19105
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2351
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2892
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A901
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=111755870828817&w=2 - () http://marc.info/?l=bugtraq&m=111755870828817&w=2 -
References () http://www.argeniss.com/research/SSExploit.c - () http://www.argeniss.com/research/SSExploit.c -
References () http://www.kb.cert.org/vuls/id/597889 - Patch, US Government Resource () http://www.kb.cert.org/vuls/id/597889 - Patch, US Government Resource
References () http://www.us-cert.gov/cas/techalerts/TA05-039A.html - Patch, US Government Resource () http://www.us-cert.gov/cas/techalerts/TA05-039A.html - Patch, US Government Resource
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-012 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/19105 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/19105 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1159 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2351 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2351 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2892 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2892 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A901 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A901 -

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0047

Mitre link : CVE-2005-0047

CVE.ORG link : CVE-2005-0047


JSON object : View

Products Affected

microsoft

  • windows_2000
  • windows_xp
  • windows_2003_server