Vulnerability Name: | CVE-2005-1987 (CCN-22495) | ||||||||||||||||||||||||||||||||
Assigned: | 2005-10-11 | ||||||||||||||||||||||||||||||||
Published: | 2005-10-11 | ||||||||||||||||||||||||||||||||
Updated: | 2020-04-09 | ||||||||||||||||||||||||||||||||
Summary: | Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. | ||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-120 | ||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||
References: | Source: FULLDISC Type: Broken Link 20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability Source: MITRE Type: CNA CVE-2005-1987 Source: BUGTRAQ Type: Mailing List, Third Party Advisory 20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability Source: CCN Type: SA17167 Microsoft Collaboration Data Objects Buffer Overflow Vulnerability Source: SECUNIA Type: Third Party Advisory 17167 Source: CCN Type: SECTRACK ID: 1015038 Microsoft Exchange Buffer Overflow in Collaboration Data Objects Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: Third Party Advisory, VDB Entry 1015038 Source: CCN Type: SECTRACK ID: 1015039 Microsoft Windows Buffer Overflow in Collaboration Data Objects Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: Third Party Advisory, VDB Entry 1015039 Source: MSKB Type: Patch, Vendor Advisory Q907245 Source: CCN Type: NORTEL BULLETIN ID: 2008008958, Rev 1 Centrex IP Client Manager (CICM) response to Microsoft July security bulletin Source: CCN Type: US-CERT VU#883460 Microsoft Collaboration Data Objects buffer overflow Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#883460 Source: CCN Type: Microsoft Security Bulletin MS05-048 Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245) Source: CCN Type: Microsoft Security Bulletin MS06-019 Vulnerability in Microsoft Exchange Could Allow Remote Code Execution (916803) Source: CCN Type: Microsoft Security Bulletin MS07-026 Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832) Source: CCN Type: Microsoft Security Bulletin MS08-039 Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747) Source: CCN Type: Microsoft Security Bulletin MS09-003 Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) Source: OSVDB Type: Broken Link 19905 Source: CCN Type: OSVDB ID: 19905 Microsoft Collaboration Data Objects Remote Overflow Source: BID Type: Third Party Advisory, VDB Entry 15067 Source: CCN Type: BID-15067 Microsoft Collaboration Data Objects Remote Buffer Overflow Vulnerability Source: CERT Type: Third Party Advisory, US Government Resource TA05-284A Source: MS Type: Patch, Vendor Advisory MS05-048 Source: XF Type: Third Party Advisory, VDB Entry win-cdo-bo(22495) Source: XF Type: UNKNOWN win-cdo-bo(22495) Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:1130 Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:1201 Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:1406 Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:1420 Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:1515 Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:581 Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:848 | ||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||
BACK |