CVE-2005-1987

Published Oct 13, 2005

Last updated a year ago

Overview

Description: Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
Source: secure@microsoft.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-120

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E88E31D4-1120-4A18-BA65-E2C96B35E599"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:fr:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FB47735-C33C-43B6-9AC6-E5ECAB18AF47"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:itanium:*",
            "vulnerable": true,
            "matchCriteriaId": "5AA32D8C-430E-4CA2-B2DF-FFF63714F480"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:r2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23C65B29-89C4-4C05-BD53-27CAD31810A1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:sp1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97474F37-792B-4FD1-B8B8-3AAC050DF327"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:sp1:*:*:*:*:*:itanium:*",
            "vulnerable": true,
            "matchCriteriaId": "92759831-AC3F-4F01-919F-8C0BAFE15352"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "949AD335-71B5-4C93-8698-6C17119CE7A7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:tablet_pc:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24FD61D1-518D-47D1-969E-81E3CBCB15FA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:tablet_pc:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD92FDA6-5BD1-4AAD-B1BE-60B477E35316"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References