| Last Updated Date | Jun 08, 2009 |
| Release Date | Aug 16, 2005 |
| Severity | Critical |
| Impact | System compromise: Remote code execution. |
| Description | This indicates a possible attempt to exploit a stack-based Plug and Play buffer-overflow vulnerability in Microsoft Windows.
The vulnerability is due to the Plug and Play (PnP) service's failure to properly bounds check messages containing excessive data. A successful exploit of this vulnerability could lead to arbitrary code execution, resulting in an attacker gaining SYSTEM privileges. This exploit is used by the Zotob (aka Mytob) worm. |
| Affected Products | Microsoft Windows XP Professional SP2, Windows 2000 SP4, Windows 2003 SP1 and all editions and all earlier service packs. |
| Recommended Actions | Apply the security patch to the system as given in the Microsoft Security Bulletin MS05-039. |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1983
|
| Microsoft Bulletin ID | MS05-039 http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx |
| Reference/s | http://www.securityfocus.com/bid/14513 (BugTraq)
http://archives.neohapsis.com/archives/vulndiscuss/2005-q3/0006.html
|