Intrusion PreventionMS.Step-By-Step.Interactive.Training.Bookmark.Link.Overflow
Description
It indicates a possible exploit of stack-based buffer overflow vulnerability in Microsoft Windows Interactive training software.
Microsoft Interactive Training is an application included with some OEM versions of Windows XP that allows users to receive multimedia training on a variety of software products. A buffer overflow vulnerability is reported in it that may allow an attacker to execute arbitrary code on the vulnerable system. This is due to orun32.exe application failure to properly validate malformed bookmark files (.cbo, cbl, or .cbm extension) with a long User field. For exploiting this, an attacker may convince a victim to open specially crafted bookmark link file containing an overly long string in the "User" field to cause a stack-based buffer overflow and execute arbitrary code on the vulnerable system.
Affected Products
Microsoft Interactive Training software.
Impact
Compromise of the affected system.
Recommended Actions
Apply security patch to the system as given in the Microsoft Security Bulletin MS05-031.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-11 | 16.978 | |
| 2019-11-22 | 15.729 | Name:MS. StepByStep. Interactive. Training. Bookmark. Link. Overflow:MS. Step-By-Step. Interactive. Training. Bookmark. Link. Overflow |
| ID | 10128 |
| Created | Jun 20, 2005 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2005-1212 |
| Exploit Prediction Score | 14.08% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |