Oval Definition:oval:org.mitre.oval:def:1420
Revision Date:2011-05-16Version:46
Title:Buffer Overflow in CDOSYS Message Processing (Win2K,SP4)
Description:Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-1987
Platform(s):Microsoft Windows 2000
Product(s):
Definition Synopsis
  • Windows 2000 is installed
  • AND Win2K/XP/2003 service pack 4 is installed
  • AND cdosys.dll is less than 6.1.3940.42
  • BACK