CVE-2005-1208
published 2005-06-14CVE-2005-1208: Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a…
PriorityP347critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
47.15%
98.7th percentile
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.htmlhttp://secunia.com/advisories/15683http://www.kb.cert.org/vuls/id/851869http://www.securityfocus.com/bid/13953http://www.us-cert.gov/cas/techalerts/TA05-165A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-026https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1057https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A381https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A463http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.htmlhttp://secunia.com/advisories/15683http://www.kb.cert.org/vuls/id/851869http://www.securityfocus.com/bid/13953http://www.us-cert.gov/cas/techalerts/TA05-165A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-026https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1057https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A381https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A463
2005-06-14
Published