CVE-2005-2120

high

Description

Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1519

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1328

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1244

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-047

http://www.us-cert.gov/cas/techalerts/TA05-284A.html

http://www.osvdb.org/18830

http://www.kb.cert.org/vuls/id/214572

http://www.eeye.com/html/research/advisories/AD20051011c.html

http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf

http://securitytracker.com/id?1015042

http://securityreason.com/securityalert/71

http://secunia.com/advisories/17223

http://secunia.com/advisories/17172

http://secunia.com/advisories/17166

Details

Source: Mitre, NVD

Published: 2005-10-13

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High