| Vulnerability Name: | CVE-2005-2119 (CCN-22467) | ||||||||||||||||
| Assigned: | 2005-10-11 | ||||||||||||||||
| Published: | 2005-10-11 | ||||||||||||||||
| Updated: | 2018-10-12 | ||||||||||||||||
| Summary: | The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer. | ||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2119 Source: CCN Type: SA17161 Microsoft Windows MSDTC and COM+ Vulnerabilities Source: SECUNIA Type: UNKNOWN 17161 Source: CCN Type: SA17172 Avaya Various Products Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 17172 Source: CCN Type: SA17223 Nortel Centrex IP Client Manager Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 17223 Source: CCN Type: SA17509 Nortel CallPilot Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 17509 Source: SREASON Type: UNKNOWN 73 Source: CCN Type: SECTRACK ID: 1015037 Microsoft Windows Buffer Overflows in MSDTC and COM+ Let Remote Users Execute Arbitrary Code and Local User Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1015037 Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf Source: EEYE Type: UNKNOWN AD20051011b Source: CCN Type: US-CERT VU#180868 Microsoft Distributed Transaction Coordinator vulnerable to buffer overflow via specially crafted network message Source: CERT-VN Type: US Government Resource VU#180868 Source: CCN Type: Microsoft Security Bulletin MS05-051 Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400) Source: CCN Type: Microsoft Security Bulletin MS06-018 Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580) Source: CCN Type: Security Advisory P-2005-0056-Global Nortel Networks: Log In Required Source: OSVDB Type: UNKNOWN 18828 Source: CCN Type: OSVDB ID: 18828 Microsoft Windows Distributed Transaction Coordinator (DTC) Memory Modification Remote Code Execution Source: BID Type: UNKNOWN 15056 Source: CCN Type: BID-15056 Microsoft Windows MSDTC Memory Corruption Vulnerability Source: CERT Type: US Government Resource TA05-284A Source: CCN Type: Internet Security Systems Protection Alert October 11, 2005 Multiple Microsoft Vulnerabilities - October 2005 Source: MS Type: UNKNOWN MS05-051 Source: XF Type: UNKNOWN msdtc-message-bo(22467) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1071 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1452 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:551 | ||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||
| Oval Definitions | |||||||||||||||||
| |||||||||||||||||
| BACK | |||||||||||||||||