ID CVE-2005-1987
Summary Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
CVSS
Base: 7.5 (as of 12-10-2018 - 21:36)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2011-05-16T04:00:21.543-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
    family windows
    id oval:org.mitre.oval:def:1130
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title Buffer Overflow in CDOSYS Message Processing (Server 2003)
    version 68
  • accepted 2014-09-29T04:00:08.199-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Dragos Prisaca
      organization G2, Inc.
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    description Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
    family windows
    id oval:org.mitre.oval:def:1201
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title Buffer Overflow in CDOEX Message Processing
    version 78
  • accepted 2011-05-16T04:00:55.373-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
    family windows
    id oval:org.mitre.oval:def:1406
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title Buffer Overflow in CDOSYS Message Processing (WinXP,SP1)
    version 67
  • accepted 2011-05-16T04:00:57.283-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name John Hoyland
      organization Centennial Software
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
    family windows
    id oval:org.mitre.oval:def:1420
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title Buffer Overflow in CDOSYS Message Processing (Win2K,SP4)
    version 68
  • accepted 2011-05-16T04:01:11.512-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
    family windows
    id oval:org.mitre.oval:def:1515
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title Buffer Overflow in CDOSYS Message Processing (WinXP,SP2)
    version 68
  • accepted 2011-05-16T04:03:13.817-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
    family windows
    id oval:org.mitre.oval:def:581
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title Buffer Overflow in CDOSYS Message Processing (Server 2003,SP1)
    version 67
  • accepted 2011-05-16T04:03:32.681-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
    family windows
    id oval:org.mitre.oval:def:848
    status accepted
    submitted 2005-10-12T12:00:00.000-04:00
    title Buffer Overflow in CDOSYS Message Processing (64-bit WinXP,SP1)
    version 67
refmap via4
bid 15067
bugtraq 20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability
cert TA05-284A
cert-vn VU#883460
fulldisc 20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability
ms MS05-048
mskb Q907245
osvdb 19905
sectrack
  • 1015038
  • 1015039
secunia 17167
xf win-cdo-bo(22495)
Last major update 12-10-2018 - 21:36
Published 13-10-2005 - 10:02
Back to Top