CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-1983

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0030%
EPSS Percentile32.27th
Published2005年8月10日
Last Modified2026年4月16日

Vulnerability Description

Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.

Affected Platforms (CPE)

💻
Microsoft

Windows 2000

All versions
💻
Microsoft

Windows Xp

All versions

References & Advisories

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html
🔗 http://secunia.com/advisories/16372
🔗 http://securitytracker.com/id?1014640
🔗 http://www.ciac.org/ciac/bulletins/p-266.shtml
🔗 http://www.frsirt.com/english/alerts/20050814.ZotobA.php
🔗 http://www.hsc.fr/ressources/presentations/null_sessions/
🔗 http://www.kb.cert.org/vuls/id/998653
🔗 http://www.osvdb.org/18605

相关漏洞威胁

CVE-2000-103410.0

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a ...

CVE-2000-006110.0

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document h...

CVE-2000-022210.0

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote ...

CVE-2000-107110.0

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote...