ID CVE-2005-1219
Summary Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:image_color_management:-:gold:windows
    cpe:2.3:a:microsoft:image_color_management:-:gold:windows
CVSS
Base: 7.5 (as of 14-07-2005 - 08:33)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
  • description MS Windows Color Management Module Overflow Exploit (MS05-036). CVE-2005-1219. Dos exploit for windows platform
    id EDB-ID:1116
    last seen 2016-01-31
    modified 2005-07-21
    published 2005-07-21
    reporter snooq
    source https://www.exploit-db.com/download/1116/
    title Microsoft Windows - Color Management Module Overflow Exploit MS05-036
  • description MS Windows Color Management Module Overflow Exploit (MS05-036) (2). CVE-2005-1219. Remote exploit for windows platform
    id EDB-ID:1506
    last seen 2016-01-31
    modified 2006-02-17
    published 2006-02-17
    reporter darkeagle
    source https://www.exploit-db.com/download/1506/
    title Microsoft Windows - Color Management Module Overflow Exploit MS05-036 2
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS05-036.NASL
description The remote host contains a version of the Color Management Module that is vulnerable to a security flaw that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web page.
last seen 2019-02-21
modified 2018-11-15
plugin id 18681
published 2005-07-12
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=18681
title MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
oval via4
  • accepted 2005-09-21T01:33:00.000-04:00
    class vulnerability
    contributors
    name Christine Walzer
    organization The MITRE Corporation
    description Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
    family windows
    id oval:org.mitre.oval:def:1125
    status accepted
    submitted 2005-08-02T12:00:00.000-04:00
    title Server 2003 Color Management Module Buffer Overflow
    version 63
  • accepted 2011-05-16T04:00:46.156-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
    family windows
    id oval:org.mitre.oval:def:1280
    status accepted
    submitted 2005-08-02T12:00:00.000-04:00
    title Windows 2000 Color Management Module Buffer Overflow
    version 68
  • accepted 2011-05-16T04:02:44.137-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
    family windows
    id oval:org.mitre.oval:def:330
    status accepted
    submitted 2005-08-02T12:00:00.000-04:00
    title Windows XP,SP2 Color Management Module Buffer Overflow
    version 68
  • accepted 2011-05-16T04:02:59.646-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
    family windows
    id oval:org.mitre.oval:def:440
    status accepted
    submitted 2005-08-02T12:00:00.000-04:00
    title Windows XP,SP1 Color Management Module Buffer Overflow
    version 67
  • accepted 2011-05-16T04:03:26.446-04:00
    class vulnerability
    contributors
    • name Christine Walzer
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
    family windows
    id oval:org.mitre.oval:def:769
    status accepted
    submitted 2005-08-02T12:00:00.000-04:00
    title Server 2003,SP1 Color Management Module Buffer Overflow
    version 67
refmap via4
bid 14214
cert TA05-193A
cert-vn VU#720742
ms MS05-036
secunia 16004
saint via4
bid 14214
description Microsoft Color Management Module profile tag buffer overflow
id win_patch_mcmm
osvdb 17830
title ms_color_mgmt_profile_tag
type client
Last major update 10-09-2008 - 15:38
Published 12-07-2005 - 00:00
Last modified 12-10-2018 - 17:36
Back to Top