CVE-2005-2119
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/10/2005
Last modified:
03/04/2025
Description
The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/17161
- http://secunia.com/advisories/17172
- http://secunia.com/advisories/17223
- http://secunia.com/advisories/17509
- http://securityreason.com/securityalert/73
- http://securitytracker.com/id?1015037=
- http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
- http://www.eeye.com/html/research/advisories/AD20051011b.html
- http://www.kb.cert.org/vuls/id/180868
- http://www.osvdb.org/18828
- http://www.securityfocus.com/bid/15056
- http://www.us-cert.gov/cas/techalerts/TA05-284A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-051
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1071
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1452
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A551
- http://secunia.com/advisories/17161
- http://secunia.com/advisories/17172
- http://secunia.com/advisories/17223
- http://secunia.com/advisories/17509
- http://securityreason.com/securityalert/73
- http://securitytracker.com/id?1015037=
- http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf
- http://www.eeye.com/html/research/advisories/AD20051011b.html
- http://www.kb.cert.org/vuls/id/180868
- http://www.osvdb.org/18828
- http://www.securityfocus.com/bid/15056
- http://www.us-cert.gov/cas/techalerts/TA05-284A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-051
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1071
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1452
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A551