CVE - CVE-2005-1983

CVE-ID
CVE-2005-1983	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:14513 URL:http://www.securityfocus.com/bid/14513 CERT:TA05-221A URL:http://www.us-cert.gov/cas/techalerts/TA05-221A.html CERT-VN:VU#998653 URL:http://www.kb.cert.org/vuls/id/998653 CIAC:P-266 URL:http://www.ciac.org/ciac/bulletins/p-266.shtml FULLDISC:20050811 Windows 2000 universal exploit for MS05-039 URL:http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0384.html ISS:20050809 Windows Plug and Play Remote Compromise URL:~~http://xforce.iss.net/xforce/alerts/id/202~~ (Obsolete source - check if archived by the Wayback Machine) MISC:http://www.frsirt.com/english/alerts/20050814.ZotobA.php MISC:http://www.hsc.fr/ressources/presentations/null_sessions/ MISC:http://www.securiteam.com/windowsntfocus/5YP0E00GKW.html MS:MS05-039 URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-039 OSVDB:18605 URL:~~http://www.osvdb.org/18605~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:100073 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100073 OVAL:oval:org.mitre.oval:def:160 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A160 OVAL:oval:org.mitre.oval:def:267 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A267 OVAL:oval:org.mitre.oval:def:474 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A474 OVAL:oval:org.mitre.oval:def:497 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A497 OVAL:oval:org.mitre.oval:def:783 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A783 SECTRACK:1014640 URL:http://securitytracker.com/id?1014640 SECUNIA:16372 URL:http://secunia.com/advisories/16372 VUPEN:ADV-2005-1354 URL:~~http://www.vupen.com/english/advisories/2005/1354~~ (Obsolete source) XF:win-plugandplay-bo(21602) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/21602
Assigning CNA
Microsoft Corporation
Date Record Created
20050617	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20050617)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)