CVE-2005-2120

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.

References

http://secunia.com/advisories/17166

http://secunia.com/advisories/17172

http://secunia.com/advisories/17223

http://securityreason.com/securityalert/71

http://securitytracker.com/id?1015042

http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf

http://www.eeye.com/html/research/advisories/AD20051011c.html

http://www.kb.cert.org/vuls/id/214572

http://www.osvdb.org/18830

http://www.securityfocus.com/bid/15065

http://www.us-cert.gov/cas/techalerts/TA05-284A.html

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-047

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1244

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1328

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1519

Details

Source: MITRE

Published: 2005-10-13

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 6.5

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8

Severity: MEDIUM

Tenable Plugins

View all (2 total)

IDNameProductFamilySeverity
21193MS05-047: Plug and Play Remote Code Execution and Local Privilege Elevation (905749) (uncredentialed check)NessusWindows
critical
20000MS05-047: Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)NessusWindows : Microsoft Bulletins
high