Russian Vulnerability Scanner Database

Back to List

CVE-2005-2120

Scores

EPSS

0.757medium75.7%
0%20%40%60%80%100%

Percentile: 75.7%

CVSS

6.5medium2.0
0246810

CVSS Score: 6.5/10

All CVSS Scores

CVSS 2.0
6.5

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Description

Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of “\” (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

Exploits

Exploit ID: 1269

Source: exploitdb

URL: https://www.exploit-db.com/exploits/1269

Exploit ID: 1271

Source: exploitdb

URL: https://www.exploit-db.com/exploits/1271

Vulnerable Software (2)

Type: Configuration

Vendor: *

Product: windows_2000

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_p...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_xp

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_p...

Source: nvd

End of list