CyberSec.Space Logo
Back to CVE Browser

CVE-2005-0551

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1800%
EPSS Percentile41.12th
PublishedMay 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.

Affected Platforms (CPE)

πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2003 Server

= r2
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions

References & Advisories

πŸ”— http://www.idefense.com/application/poi/display?id=230&type=vulnerabilities
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1822
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A266
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3544
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A777
πŸ”— http://www.idefense.com/application/poi/display?id=230&type=vulnerabilities
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-018

Related Vulnerabilities

CVE-2000-103410.0

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a ...

CVE-2000-006110.0

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document h...

CVE-2000-022210.0

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote ...

CVE-2000-107110.0

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote...