Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
CVSS v2.0 Score
7.5
/ 10.0
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Information
- Published
- 13 oct. 2005
- Updated
- 16 avr. 2026
- Status
- Modified
- Source
- secure@microsoft.com
Affected products
microsoft exchange server
Versions : 2000
microsoft windows 2000
microsoft windows server 2003
Versions : r2, sp1
microsoft windows xp
Weaknesses (CWE)
CWE-120
References (38)
- http://marc.info/?l=bugtraq&m=112915118302012&w=2Mailing ListThird Party Advisory
- http://secunia.com/advisories/17167Third Party Advisory
- http://securitytracker.com/id?1015038Third Party AdvisoryVDB Entry
- http://securitytracker.com/id?1015039Third Party AdvisoryVDB Entry
- http://www.kb.cert.org/vuls/id/883460Third Party AdvisoryUS Government Resource
- http://www.osvdb.org/19905Broken Link
- http://www.securityfocus.com/bid/15067Third Party AdvisoryVDB Entry
- http://www.us-cert.gov/cas/techalerts/TA05-284A.htmlThird Party AdvisoryUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22495Third Party AdvisoryVDB Entry
- + 23 more references on NVD
Similar CVEs
Other vulnerabilities of type CWE-120
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.