Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-3981Microsoft Windows 2003 Server vulnerability

4 documents4 sources
Severity
4.9MEDIUMNVD
EPSS
0.7%
top 28.33%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows 2003 Server
Timeline
PublishedDec 4
Latest updateMay 1

Description

NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-q98m-jc54-9j83: ** DISPUTED ** NOTE: this issue has been disputed by third parties2022-05-01
CVEList
CVE-2005-3981: NOTE: this issue has been disputed by third parties2005-12-04

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service2005-12-01
CVE-2005-3981 — Microsoft vulnerability | cvebase