cbcvebase.
CVE-2005-1208
published 2005-06-14

CVE-2005-1208: Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a…

PriorityP347critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
47.15%
98.7th percentile
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.

Affected

8 ranges
VendorProductVersion rangeFixed in
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
microsoftwindows_2003_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.