Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
Score CVSS v2.0
7.5
/ 10.0
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Informations
- Publié
- 13 oct. 2005
- Mis à jour
- 16 avr. 2026
- Statut
- Modified
- Source
- secure@microsoft.com
Produits affectés
microsoft exchange server
Versions : 2000
microsoft windows 2000
microsoft windows server 2003
Versions : r2, sp1
microsoft windows xp
Faiblesses (CWE)
CWE-120
Références (38)
- http://marc.info/?l=bugtraq&m=112915118302012&w=2Mailing ListThird Party Advisory
- http://secunia.com/advisories/17167Third Party Advisory
- http://securitytracker.com/id?1015038Third Party AdvisoryVDB Entry
- http://securitytracker.com/id?1015039Third Party AdvisoryVDB Entry
- http://www.kb.cert.org/vuls/id/883460Third Party AdvisoryUS Government Resource
- http://www.osvdb.org/19905Broken Link
- http://www.securityfocus.com/bid/15067Third Party AdvisoryVDB Entry
- http://www.us-cert.gov/cas/techalerts/TA05-284A.htmlThird Party AdvisoryUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22495Third Party AdvisoryVDB Entry
- + 23 autres références sur NVD
CVEs similaires
Autres vulnérabilités de type CWE-120
Loading…
Surveillez vos produits
Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.