Vulnerability CVE-2005-0044

Vulnerability Name:

CVE-2005-0044 (CCN-19109)

Assigned:

2005-02-08

Published:

2005-02-08

Updated:

2019-04-30

Summary:

The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability."

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2005-0044

Source: CCN
Type: CIAC Information Bulletin P-128
Microsoft Vulnerability in OLE and COM

Source: CCN
Type: US-CERT VU#927889
Microsoft OLE buffer overflow

Source: CERT-VN
Type: Patch, US Government Resource
VU#927889

Source: CCN
Type: Microsoft Security Bulletin MS05-012
Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)

Source: CCN
Type: Microsoft Security Bulletin MS05-051
Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)

Source: CCN
Type: Microsoft Security Bulletin MS06-018
Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580)

Source: CCN
Type: BID-12488
Microsoft OLE Remote Buffer Overflow Vulnerability

Source: CERT
Type: US Government Resource
TA05-039A

Source: MS
Type: UNKNOWN
MS05-012

Source: XF
Type: UNKNOWN
win-ole-code-execution(19109)

Source: XF
Type: UNKNOWN
win-ole-code-execution(19109)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1180

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2917

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:3568

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:4499

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:exchange_server:5.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_98:*:gold:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:*:home:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

Configuration CCN 1:

cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*

OR cpe:/a:microsoft:office:xp:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:5.5:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2003:*:*:*:*:*:*:*

OR cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:2003:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:5.0:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:2003:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:-::~~~~itanium~:*:*:*:*:*

OR cpe:/a:microsoft:office:2003:sp1:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:1180	V	OLE Component Input Validation Vulnerability (32-bit XP,SP2)	2011-05-16
oval:org.mitre.oval:def:2917	V	OLE Component Input Validation Vulnerability (Windows 2000)	2011-05-16
oval:org.mitre.oval:def:4499	V	OLE Component Input Validation Vulnerability (Windows XP)	2011-05-16
oval:org.mitre.oval:def:3568	V	OLE Component Input Validation Vulnerability (Server / XP 2003)	2005-03-29

BACK