CVE-2005-2765 — LOW (2.1) — White Hats Nepal

Vulnerability Description

The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. NOTE: the vendor disputes this issue, saying that since administrative privileges are already required, it is not a vulnerability. CVE has not yet formally decided if such "information hiding" issues should be included.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Microsoft	Windows 2003 Server	64-bit
Microsoft	Windows Xp	All versions

References

http://www.microsoft.com/technet/security/advisory/897663.mspxVendor Advisory
http://www.microsoft.com/technet/security/advisory/897663.mspxVendor Advisory

FAQ

What is CVE-2005-2765?

CVE-2005-2765 is a vulnerability with a CVSS score of 2.1 (LOW). The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activi...

How severe is CVE-2005-2765?

CVE-2005-2765 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-2765?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2003 Server, Microsoft Windows Xp.