PT-2005-2935 · Microsoft · Cdo+4
Gary Oâleary-Steele
·
Published
2005-10-13
·
Updated
2020-04-09
·
CVE-2005-1987
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows (affected versions not specified)
Microsoft Exchange Server (affected versions not specified)
Description
A buffer overflow issue exists in Collaboration Data Objects (CDO), used in Microsoft Windows and Microsoft Exchange Server. This issue allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, such as the
Content-Type string.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cdo
Cdoex
Cdosys
Exchange Server
Windows