CVE-2005-1987

Vulnerability Description

Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0289.htmlBroken Link
• http://marc.info/?l=bugtraq&m=112915118302012&w=2Mailing ListThird Party Advisory
• http://secunia.com/advisories/17167Third Party Advisory
• http://securitytracker.com/id?1015038Third Party AdvisoryVDB Entry
• http://securitytracker.com/id?1015039Third Party AdvisoryVDB Entry
• http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ907245
• http://www.kb.cert.org/vuls/id/883460Third Party AdvisoryUS Government Resource
• http://www.osvdb.org/19905Broken Link
• http://www.securityfocus.com/bid/15067Third Party AdvisoryVDB Entry
• http://www.us-cert.gov/cas/techalerts/TA05-284A.htmlThird Party AdvisoryUS Government Resource
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-04PatchVendor Advisory
• https://exchange.xforce.ibmcloud.com/vulnerabilities/22495Third Party AdvisoryVDB Entry
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory