Vulnerability Name: | CVE-2005-3981 | ||||||||
Assigned: | 2005-12-04 | ||||||||
Published: | 2005-12-04 | ||||||||
Updated: | 2019-04-30 | ||||||||
Summary: | ** DISPUTED ** Note: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. Note: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE. | ||||||||
CVSS v3 Severity: | 6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
References: | Source: MITRE Type: CNA CVE-2005-3981 Source: BUGTRAQ Type: UNKNOWN 20051201 Microsoft Windows CreateRemoteThread Exploit Source: BUGTRAQ Type: UNKNOWN 20051202 Microsoft Windows CreateRemoteThread Exploit Source: BID Type: Exploit 15671 | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |